theresortatsummerlin.com Open in urlscan Pro
68.178.206.199 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rampartcasino.com/
Effective URL:
https://theresortatsummerlin.com/
Submission Tags: @phish_report
Submission: On December 31 via api (December 31st 2023, 11:50:44 am UTC) from FI — Scanned from FI

Summary HTTP 167 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 50 IPs in 7 countries across 50 domains to perform 167 HTTP transactions. The main IP is 68.178.206.199, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is theresortatsummerlin.com. The Cisco Umbrella rank of the primary domain is 979939.
TLS certificate: Issued by R3 on December 10th 2023. Valid for: 3 months.

This is the only time theresortatsummerlin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3036::6815:415e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
56	68.178.206.199 68.178.206.199	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
5	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
7	2a02:6ea0:c70... 2a02:6ea0:c700::17	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2	193.0.160.52 193.0.160.52	54312 (ROCKETFUEL) (ROCKETFUEL)
1	2600:9000:20b... 2600:9000:20b4:1600:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
5 11	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	2a00:1450:400... 2a00:1450:4001:80b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8 14	193.0.160.131 193.0.160.131	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2a00:1450:400... 2a00:1450:400c:c1d::9d	15169 (GOOGLE) (GOOGLE)
2	207.189.124.17 207.189.124.17	13649 (ASN-FLEXE...) (ASN-FLEXENTIAL)
1	54.164.61.213 54.164.61.213	14618 (AMAZON-AES) (AMAZON-AES)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
8 8	13.32.27.28 13.32.27.28	16509 (AMAZON-02) (AMAZON-02)
4 11	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
7 7	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4 4	54.36.150.187 54.36.150.187	16276 (OVH) (OVH)
2 4	52.49.2.43 52.49.2.43	16509 (AMAZON-02) (AMAZON-02)
2	185.64.191.210 185.64.191.210	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
2	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
2	44.210.41.244 44.210.41.244	14618 (AMAZON-AES) (AMAZON-AES)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:1f18:612... 2600:1f18:612b:4264:b711:868:5175:f82d	14618 (AMAZON-AES) (AMAZON-AES)
1 3	54.216.96.95 54.216.96.95	16509 (AMAZON-02) (AMAZON-02)
2	52.49.16.44 52.49.16.44	16509 (AMAZON-02) (AMAZON-02)
2	52.57.107.196 52.57.107.196	16509 (AMAZON-02) (AMAZON-02)
4 4	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
4	2600:1f14:5db... 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6	16509 (AMAZON-02) (AMAZON-02)
19 25	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:237... 2600:9000:237d:c800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.123.94.79 3.123.94.79	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.10 18.245.60.10	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.3.7.191 52.3.7.191	14618 (AMAZON-AES) (AMAZON-AES)
1	54.78.109.25 54.78.109.25	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.6 216.52.2.6	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1 1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a02:6ea0:c70... 2a02:6ea0:c700::18	60068 (CDN77 ^_^) (CDN77 ^_^)
167	50

1 2606:4700:3036::6815:415e (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

rampartcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

56 68.178.206.199 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 199.206.178.68.host.secureserver.net

theresortatsummerlin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

github.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6ea0:c700::17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 193.0.160.52 (United States)

ASN54312 (ROCKETFUEL, US)

rrc.netmng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20b4:1600:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 37.252.171.53 (Frankfurt am Main, Germany) 5 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 193.0.160.131 (United States) 8 redirects

ASN54312 (ROCKETFUEL, US)

20851055p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
20851056p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c1d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 207.189.124.17 (Highlands Ranch, United States)

ASN13649 (ASN-FLEXENTIAL, US)
PTR: forpci87.actonsoftware.com

marketing.theresortatsummerlin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.164.61.213 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-164-61-213.compute-1.amazonaws.com

bidagent.xad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 13.32.27.28 (United States) 8 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-28.fra56.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.244.174.68 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.66 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.36.150.187 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip187.ip-54-36-150.eu

cookie-matching.mediarithmics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.49.2.43 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-2-43.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 44.210.41.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-210-41-244.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:612b:4264:b711:868:5175:f82d (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.216.96.95 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-216-96-95.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.16.44 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-16-44.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.57.107.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-107-196.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.130.49 (United States) 4 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 34.91.62.186 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:c800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.94.79 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-94-79.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-10.fra60.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.71.149.231 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.3.7.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-7-191.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.109.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-109-25.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.6 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)

cdn77.api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
58	theresortatsummerlin.com theresortatsummerlin.com — Cisco Umbrella Rank: 979939 marketing.theresortatsummerlin.com	3 MB
27	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 4333 i.simpli.fi — Cisco Umbrella Rank: 3745 um.simpli.fi — Cisco Umbrella Rank: 780	12 KB
14	rfihub.com 8 redirects 20851055p.rfihub.com 20851056p.rfihub.com p.rfihub.com — Cisco Umbrella Rank: 825 a.rfihub.com — Cisco Umbrella Rank: 2935	24 KB
13	userway.org cdn.userway.org — Cisco Umbrella Rank: 4271 api.userway.org — Cisco Umbrella Rank: 4071 cdn77.api.userway.org — Cisco Umbrella Rank: 7227	77 KB
11	rlcdn.com 4 redirects idsync.rlcdn.com — Cisco Umbrella Rank: 408	2 KB
11	adnxs.com 5 redirects secure.adnxs.com — Cisco Umbrella Rank: 478 ib.adnxs.com — Cisco Umbrella Rank: 229	8 KB
11	doubleclick.net 8 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 75 cm.g.doubleclick.net — Cisco Umbrella Rank: 219	4 KB
8	rezync.com 8 redirects live.rezync.com — Cisco Umbrella Rank: 1785	6 KB
5	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 36	343 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 685	1 KB
4	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 499 d.agkn.com — Cisco Umbrella Rank: 686	2 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
4	demdex.net 2 redirects dpm.demdex.net — Cisco Umbrella Rank: 208	2 KB
4	mediarithmics.com 4 redirects cookie-matching.mediarithmics.com — Cisco Umbrella Rank: 3494	1 KB
4	google.fi www.google.fi — Cisco Umbrella Rank: 35135	733 B
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 2693	837 B
3	tremorhub.com partners.tremorhub.com — Cisco Umbrella Rank: 1153 simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6102	523 B
3	openx.net us-u.openx.net — Cisco Umbrella Rank: 491	458 B
3	yahoo.com 1 redirects sp.analytics.yahoo.com — Cisco Umbrella Rank: 1308 cms.analytics.yahoo.com — Cisco Umbrella Rank: 1240 ups.analytics.yahoo.com — Cisco Umbrella Rank: 307	1015 B
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	2 KB
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2174	869 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 465	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 546	712 B
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 336	291 B
2	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 699	675 B
2	addthis.com x.dlx.addthis.com — Cisco Umbrella Rank: 1554	364 B
2	rtactivate.com bpi.rtactivate.com — Cisco Umbrella Rank: 1491	217 B
2	media.net contextual.media.net — Cisco Umbrella Rank: 665	1 KB
2	eyeota.net ps.eyeota.net — Cisco Umbrella Rank: 981	688 B
2	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 859	299 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 313	9 KB
2	netmng.com rrc.netmng.com	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 630	7 KB
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 339	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 138	544 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 835	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 850	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 848	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1556	421 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1661	324 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 846
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 372	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1258	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 674	237 B
1	xad.com bidagent.xad.com — Cisco Umbrella Rank: 18659	342 B
1	rfihub.net c1.rfihub.net — Cisco Umbrella Rank: 5475	6 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	hubspot.com github.hubspot.com — Cisco Umbrella Rank: 263942	2 KB
1	rampartcasino.com 1 redirects rampartcasino.com	779 B
167	50

	Domain	Requested by
56	theresortatsummerlin.com	theresortatsummerlin.com
25	um.simpli.fi	19 redirects
11	idsync.rlcdn.com	4 redirects theresortatsummerlin.com
8	p.rfihub.com	6 redirects theresortatsummerlin.com
8	live.rezync.com	8 redirects
7	cm.g.doubleclick.net	7 redirects
7	cdn.userway.org	theresortatsummerlin.com cdn.userway.org
6	secure.adnxs.com	3 redirects theresortatsummerlin.com
5	ib.adnxs.com	2 redirects theresortatsummerlin.com
5	www.googletagmanager.com	theresortatsummerlin.com www.google-analytics.com
4	api.userway.org	cdn.userway.org
4	sync-tm.everesttech.net	4 redirects
4	dsum-sec.casalemedia.com	2 redirects theresortatsummerlin.com
4	dpm.demdex.net	2 redirects theresortatsummerlin.com
4	cookie-matching.mediarithmics.com	4 redirects
4	a.rfihub.com	2 redirects c1.rfihub.net
4	www.google.fi	theresortatsummerlin.com
3	aa.agkn.com	1 redirects theresortatsummerlin.com
3	us-u.openx.net	theresortatsummerlin.com
3	www.google.com	1 redirects theresortatsummerlin.com
3	fonts.googleapis.com	theresortatsummerlin.com
2	cdn77.api.userway.org	cdn.userway.org
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	x.bidswitch.net	theresortatsummerlin.com
2	beacon.krxd.net	theresortatsummerlin.com
2	partners.tremorhub.com	theresortatsummerlin.com
2	x.dlx.addthis.com	theresortatsummerlin.com
2	bpi.rtactivate.com	theresortatsummerlin.com
2	contextual.media.net	theresortatsummerlin.com
2	ps.eyeota.net	theresortatsummerlin.com
2	image2.pubmatic.com	theresortatsummerlin.com
2	marketing.theresortatsummerlin.com	theresortatsummerlin.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	cdn.jsdelivr.net	www.googletagmanager.com
2	rrc.netmng.com	theresortatsummerlin.com rrc.netmng.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.yimg.com	theresortatsummerlin.com s.yimg.com
2	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
1	pixel.rubiconproject.com
1	www.googleadservices.com	1 redirects
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	loadm.exelator.com
1	ups.analytics.yahoo.com
1	cms.analytics.yahoo.com	1 redirects
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	region1.analytics.google.com	www.googletagmanager.com
1	sp.analytics.yahoo.com	theresortatsummerlin.com
1	bidagent.xad.com	theresortatsummerlin.com
1	20851056p.rfihub.com	c1.rfihub.net
1	20851055p.rfihub.com	c1.rfihub.net
1	tag.simpli.fi	www.googletagmanager.com
1	c1.rfihub.net	theresortatsummerlin.com
1	fonts.gstatic.com	fonts.googleapis.com
1	github.hubspot.com	theresortatsummerlin.com
1	rampartcasino.com	1 redirects
167	66

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
rewards.rampartcasino.net
www.marriott.com

Subject Issuer	Validity	Valid
www.theresortatsummerlin.com R3	`2023-12-10` - `2024-03-09`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
1667503734.rsc.cdn77.org R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.netmng.com Sectigo RSA Domain Validation Secure Server CA	`2023-01-23` - `2024-02-04`	a year	crt.sh
*.rfihub.net Amazon RSA 2048 M03	`2023-10-31` - `2024-11-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-02` - `2024-05-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.google.fi GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2023-04-27` - `2024-04-27`	a year	crt.sh
marketing.theresortatsummerlin.com R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
bidagent.xad.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
rtactivate.com Amazon RSA 2048 M01	`2023-03-14` - `2024-04-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-11` - `2024-12-11`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.agkn.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2023-09-07` - `2024-09-29`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-14` - `2024-04-12`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
api.userway.org Amazon RSA 2048 M03	`2023-09-02` - `2024-09-30`	a year	crt.sh
1784939676.rsc.cdn77.org R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://theresortatsummerlin.com/
Frame ID: EFAC649B2E27B3B6E46A61574024AC38
Requests: 128 HTTP requests in this frame

Frame: https://20851055p.rfihub.com/ca.html?ver=9&rb=50021&ca=20851055&_o=50021&_t=20851055&pe=https%3A%2F%2Ftheresortatsummerlin.com%2F&pf=&ra=5247279260829676
Frame ID: 421C7B48A5892FFA61D57F81BDE2A42C
Requests: 18 HTTP requests in this frame

Frame: https://20851056p.rfihub.com/ca.html?ver=9&rb=50021&ca=20851056&_o=50021&_t=20851056&pe=https%3A%2F%2Ftheresortatsummerlin.com%2F&pf=&ra=8507343422063134
Frame ID: 79103916B3397C442C790E09ABC08A1D
Requests: 18 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=50021&ca=20851055&ri=fa0065c9dfff0bb6ae2ca56bbff5cd0a&stats=%7B%2213488%22%3A%221214%2C1%22%2C%2217243%22%3A%2272%2C1%22%2C%2242261%22%3A%2296%2C1%22%2C%2250495%22%3A%22449%2C1%22%2C%2252220%22%3A%22259%2C1%22%2C%2253935%22%3A%22278%2C1%22%2C%2254497%22%3A%22429%2C1%22%2C%2254855%22%3A%22163%2C2%22%2C%2254863%22%3A%22602%2C1%22%2C%2255073%22%3A%22221%2C1%22%2C%2256659%22%3A%22479%2C1%22%2C%2256885%22%3A%22451%2C2%22%2C%2257347%22%3A%22458%2C2%22%2C%2257363%22%3A%22408%2C1%22%2C%2258143%22%3A%22179%2C1%22%2C%2258553%22%3A%22762%2C1%22%2C%2258561%22%3A%22430%2C1%22%7D&ra=4690046626130031
Frame ID: CD58C749FA1B3470EC242C7E64D7FFE8
Requests: 1 HTTP requests in this frame

Frame: https://a.rfihub.com/pstats.html?rb=50021&ca=20851056&ri=c8a3d07854948006b8eb5f8cbf342ffb&stats=%7B%2213488%22%3A%221936%2C1%22%2C%2217243%22%3A%22111%2C1%22%2C%2242261%22%3A%22150%2C1%22%2C%2250495%22%3A%22501%2C1%22%2C%2252220%22%3A%22276%2C1%22%2C%2253935%22%3A%22333%2C1%22%2C%2254497%22%3A%22483%2C1%22%2C%2254855%22%3A%22218%2C2%22%2C%2254863%22%3A%22657%2C1%22%2C%2255073%22%3A%22276%2C1%22%2C%2256659%22%3A%22534%2C1%22%2C%2256885%22%3A%22463%2C2%22%2C%2257347%22%3A%22513%2C2%22%2C%2257363%22%3A%22516%2C1%22%2C%2258143%22%3A%22276%2C1%22%2C%2258553%22%3A%22817%2C1%22%2C%2258561%22%3A%22505%2C1%22%7D&ra=4639578380445537
Frame ID: F05DCAD6F810B139D273CD71A097DFDC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rampart Casino at the Resort at Summerlin, NV | Las Vegas Hotels

Page URL History Show full URLs

http://rampartcasino.com/ HTTP 301
https://theresortatsummerlin.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Revslider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/revslider/[/\w-]+/js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

167
Requests

80 %
HTTPS

35 %
IPv6

50
Domains

66
Subdomains

50
IPs

7
Countries

3446 kB
Transfer

5818 kB
Size

51
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/RampartCasino

Search URL Search Domain Scan URL

URL: https://twitter.com/rampartcasino

Search URL Search Domain Scan URL

URL: https://www.instagram.com/rampartcasino/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCdvg7oHNbrhnNf5tsbmMSFA

Search URL Search Domain Scan URL

URL: https://rewards.rampartcasino.net/
Title: PLAYER LOGIN

Search URL Search Domain Scan URL

URL: http://www.marriott.com/hotels/hotel-rooms/lasjw-jw-marriott-las-vegas-resort-and-spa/#m-guest-room-container
Title: Rooms & Suites

Search URL Search Domain Scan URL

URL: https://www.marriott.com/offers/findOffers.mi?propertycodes=LASJW
Title: Deals & Packages

Search URL Search Domain Scan URL

URL: http://www.marriott.com/hotels/local-things-to-do/lasjw-jw-marriott-las-vegas-resort-and-spa/
Title: Local Area

Search URL Search Domain Scan URL

URL: http://www.marriott.com/reservation/availabilitySearch.mi?propertyCode=LASJW
Title: book now

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rampartcasino.com/ HTTP 301
https://theresortatsummerlin.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 60

https://secure.adnxs.com/px?id=1738673&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1738673%26t%3D2

Request Chain 61

https://secure.adnxs.com/seg?t=2&add=35396786 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D35396786

Request Chain 64

https://secure.adnxs.com/seg?add=14695675&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14695675%26t%3D1

Request Chain 87

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210829010348943&referrer=https%3A%2F%2Ftheresortatsummerlin.com%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0b1-b1c8119cfd17%253A1704023437.7981136%26_%3D1704023437.799462&cb=1704023437.7994869 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0b1-b1c8119cfd17%253A1704023437.7981136%26_%3D1704023437.799462 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&_=1704023437.799462 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH_ZvH2jMqbKlPrxTUTWx2A&google_cver=1

Request Chain 88

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyOTAxMDM0ODk0Mw==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBHseaBGRl9V9wyzpg2HHtI&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0b1-b1c8119cfd17%253A1704023437.7981136%26_%3D1704023438.2587729&cb=1704023438.2587965 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0b1-b1c8119cfd17%253A1704023437.7981136%26_%3D1704023438.2587729 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&_=1704023438.2587729 HTTP 307
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18 HTTP 303
https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx HTTP 302
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESENQq_cWmUXMg7RyAcUqrZRo&google_cver=1 HTTP 303
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENQq_cWmUXMg7RyAcUqrZRo&action=GET_ID&etid=&domid=1052 HTTP 302
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4503231902762533645&opid=apx&ops=&utidl=tech:goo:CAESENQq_cWmUXMg7RyAcUqrZRo&action=GET_ID&etid=&domid=1052 HTTP 303
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A64945631648

Request Chain 90

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210829010348943&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210829010348943&redir=

Request Chain 93

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5141210829010348943&bid=omt9pi0

Request Chain 96

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210829010348943&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210829010348943&forward=&C=1

Request Chain 103

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZFVjQALBt7xJgBH HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZFVjQALBt7xJgBH&_test=ZZFVjQALBt7xJgBH

Request Chain 105

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=5108559731744733490&bid=omt9pi0

Request Chain 106

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZFVjQALA3u-TQBd HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZFVjQALA3u-TQBd&_test=ZZFVjQALA3u-TQBd

Request Chain 107

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer=https%3A%2F%2Ftheresortatsummerlin.com%2F&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=99f975ea-46d5-49ba-aee6-1d5a6a526aa4%3A1704023437.796984&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D99f975ea-46d5-49ba-aee6-1d5a6a526aa4%253A1704023437.796984%26_%3D1704023437.7990634&cb=1704023437.7990882 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D99f975ea-46d5-49ba-aee6-1d5a6a526aa4%253A1704023437.796984%26_%3D1704023437.7990634 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=99f975ea-46d5-49ba-aee6-1d5a6a526aa4%3A1704023437.796984&_=1704023437.7990634 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH_ZvH2jMqbKlPrxTUTWx2A&google_cver=1

Request Chain 108

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTc0NDczMzQ5MA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESELBXaTygOvwo1vzE6N3Jhn8&google_cver=1 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward= HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0b1-b1c8119cfd17%253A1704023437.7981136%26_%3D1704023438.1174607&cb=1704023438.1174905 HTTP 302
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0b1-b1c8119cfd17%253A1704023437.7981136%26_%3D1704023438.1174607 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&_=1704023438.1174607 HTTP 307
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID HTTP 302
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4503231902762533645

Request Chain 110

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559731744733490&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731744733490&redir=

Request Chain 115

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731744733490&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731744733490&forward=&C=1

Request Chain 133

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=74A50509522E4181A48EE9135A1A460F

Request Chain 134

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/74A50509522E4181A48EE9135A1A460F HTTP 302
https://sync.1rx.io/usersync/simplifi/74A50509522E4181A48EE9135A1A460F?zcc=1&cb=1704023438659 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-deb72207-7d81-437f-993a-2b9b7d67f287-003

Request Chain 135

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=74A50509522E4181A48EE9135A1A460F&dongle=yf3

Request Chain 136

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=74A50509522E4181A48EE9135A1A460F

Request Chain 137

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=74A50509522E4181A48EE9135A1A460F HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=74A50509522E4181A48EE9135A1A460F

Request Chain 138

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=74A50509522E4181A48EE9135A1A460F HTTP 302
https://d.agkn.com/pixel/10751/?che=1704023438567&ip=185.204.1.186&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219763204747001720436 HTTP 302
https://um.simpli.fi/aa_px?sk=219763204747001720436 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 139

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=74A50509522E4181A48EE9135A1A460F

Request Chain 142

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=74A50509522E4181A48EE9135A1A460F;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=74A50509522E4181A48EE9135A1A460F;mimetype=img;sr HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Request Chain 143

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=74A50509522E4181A48EE9135A1A460F&j=0

Request Chain 145

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=74A50509522E4181A48EE9135A1A460F

Request Chain 146

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=74A50509522E4181A48EE9135A1A460F

Request Chain 147

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=74A50509522E4181A48EE9135A1A460F

Request Chain 148

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=74A50509522E4181A48EE9135A1A460F

Request Chain 149

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=74A50509522E4181A48EE9135A1A460F

Request Chain 150

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704023438276&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=407312318&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=jlWRZaLbH9TQ78EPssiaoAs&sscte=1&crd=&pscrd=IhMIotr3_c25gwMVVOg7Ah0ypAa0 HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=407312318&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIotr3_c25gwMVVOg7Ah0ypAa0&is_vtc=1&ocp_id=jlWRZaLbH9TQ78EPssiaoAs&cid=CAQSKQAvHhf_wZfA81mWoDdPPMoiPQDB-E3UUS81Z2-1Dn_JiufBuq5HTjyB&random=1915064195 HTTP 302
https://www.google.fi/pagead/1p-conversion/1026675585/?random=407312318&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIotr3_c25gwMVVOg7Ah0ypAa0&is_vtc=1&ocp_id=jlWRZaLbH9TQ78EPssiaoAs&cid=CAQSKQAvHhf_wZfA81mWoDdPPMoiPQDB-E3UUS81Z2-1Dn_JiufBuq5HTjyB&random=1915064195&ipr=y

Request Chain 152

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=74A50509522E4181A48EE9135A1A460F

Request Chain 153

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=74A50509522E4181A48EE9135A1A460F&expires=365

Request Chain 154

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=74A50509522E4181A48EE9135A1A460F

Request Chain 155

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESELYbmxwAYKTLY05mzAUSv9U&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=74A50509522E4181A48EE9135A1A460F HTTP 302
https://um.simpli.fi/g_match?id=

167 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
theresortatsummerlin.com/
Redirect Chain

http://rampartcasino.com/
https://theresortatsummerlin.com/

72 KB
16 KB

738ms
343ms

Document
text/html

68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: cc5d61ff6082dc4742fe334be1e48979e7e6bbd5f694212b6d526106aa2c9668

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: br
Content-Length: 15387
Content-Type: text/html; charset=UTF-8
Date: Sun, 31 Dec 2023 11:50:34 GMT
Keep-Alive: timeout=5, max=100
Link: <https://theresortatsummerlin.com/wp-json/>; rel="https://api.w.org/", <https://theresortatsummerlin.com/wp-json/wp/v2/pages/5>; rel="alternate"; type="application/json", <https://theresortatsummerlin.com/>; rel=shortlink
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
Vary: Accept-Encoding

Redirect headers

CF-Cache-Status: DYNAMIC
CF-RAY: 83e24e3e9b77d91e-HEL
Cache-Control: max-age=3600
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 31 Dec 2023 11:50:34 GMT
Expires: Sun, 31 Dec 2023 12:50:34 GMT
Location: https://theresortatsummerlin.com/
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dglgOqm78Qmiq2upnMUZBvAnmdOl%2FbKcri97XeKjkMIeK8av7FIzYmzbD8E5thh7yDOaU%2BXV8GQIn77NadG412uhYKSvRcr58JKs7EoJqXy2NGLjlEt%2B0ivH2X9fzmTSN39mCXfk4x81BlCjoCHzng%3D%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Redirect-By: WordPress
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 194 KB
71 KB 206ms
76ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-925875801

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4b6c611a2ad2a085f84b7ba10b47122b4a9ec6d8c11027c637cc722410293eb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72452
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Dec 2023 11:50:35 GMT

GET
H/1.1 200
OK sbi-styles.min.css
theresortatsummerlin.com/wp-content/plugins/instagram-feed/css/ 33 KB
5 KB 225ms
192ms Stylesheet
text/css 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/instagram-feed/css/sbi-styles.min.css
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Dec 2023 20:13:43 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "16401166-8297-60c419213cf80-br"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4647

GET
H/1.1 200
OK style.min.css
theresortatsummerlin.com/wp-includes/css/dist/block-library/ 102 KB
13 KB 421ms
195ms Stylesheet
text/css 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:45 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "f59beb-19824-60331b9d0756c-br"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 12822

GET
H/1.1 200
OK events-manager.min.css
theresortatsummerlin.com/wp-content/plugins/events-manager/includes/css/ 242 KB
40 KB 585ms
205ms Stylesheet
text/css 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/events-manager/includes/css/events-manager.min.css
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 28a049341dc40c7faee92f16b85262d6ad9ae78fc7eb7bb29e72705ea36f6830

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Dec 2023 20:13:15 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "e40069d-3c705-60c4190620a1e-br"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 40484

GET
H/1.1 200
OK style.css
theresortatsummerlin.com/wp-content/plugins/wc-shortcodes/public/assets/css/ 84 KB
9 KB 575ms
195ms Stylesheet
text/css 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/wc-shortcodes/public/assets/css/style.css
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 19b370bff7ea217f9b041eda593cb498f7c390f7eba772df1eb006251cdfc663

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:17 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "14407ea1-14e4a-5f8fc9adec7fc-br"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 9265

GET
H/1.1 200
OK style.css
theresortatsummerlin.com/wp-content/themes/rampartcasino/ 79 KB
15 KB 577ms
197ms Stylesheet
text/css 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/style.css
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: bac346bae3caa68cc9e5d4a91220008d439dbc411dfc8a9cd933f7234c70d044

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Tue, 10 Oct 2023 13:21:01 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "580d8f7-13a42-6075c93fc76c5-br"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15404

GET
H/1.1 200
OK theme.css
theresortatsummerlin.com/wp-content/themes/rampartcasino/ 85 B
437 B 612ms
190ms Stylesheet
text/css 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/theme.css
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: dd0ac7848729ded76e1fe3bcce337b22697e3440e9feee3c62a67263afc8abf1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "580d8e7-55-5f8fc9ad88e33-br"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 36

GET
H/1.1 200
OK jquery.fancybox.min.css
theresortatsummerlin.com/wp-content/plugins/easy-fancybox/fancybox/1.5.4/ 5 KB
2 KB 657ms
192ms Stylesheet
text/css 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.css
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 4bce18de486fea257a1a5c9d5477070cec0ca1dff3438e5784161e8a8756da44

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:17 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "1049301-1514-5f8fc9adf25bd-br"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1217

GET
H/1.1 200
OK page-list.css
theresortatsummerlin.com/wp-content/plugins/page-list/css/ 2 KB
879 B 656ms
191ms Stylesheet
text/css 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/page-list/css/page-list.css
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 62a88fe954d3dd0835bec2b587835f31de3ca941e6f38e57f545e94a87bf7ae9

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "e40f87a-65d-5f8fc9ad9074b-br"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 475

GET
H/1.1 200
OK jquery.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ 85 KB
29 KB 773ms
197ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17808d4f-155ba-60331b9d2907f-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 29741

GET
H/1.1 200
OK jquery-migrate.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ 13 KB
5 KB 804ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17808d50-3509-60331b9d2907f-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 4685

GET
H/1.1 200
OK core.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 21 KB
7 KB 849ms
192ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/core.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c2107c-53be-60331b9d27cf6-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6810

GET
H/1.1 200
OK mouse.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 3 KB
1 KB 848ms
190ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/mouse.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:35 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c21084-d4a-60331b9d27cf6-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1001

GET
H/1.1 200
OK sortable.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 25 KB
7 KB 952ms
192ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/sortable.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c2109e-6369-60331b9d284c6-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 6338

GET
H/1.1 200
OK datepicker.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 36 KB
11 KB 998ms
193ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/datepicker.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c2109f-8f79-60331b9d28c97-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 10511

GET
H/1.1 200
OK resizable.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 18 KB
5 KB 1040ms
192ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/resizable.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 10a410ffc4397a10a60c58a979d3dfc8957258714e1a50f0acb6612eb74b90cd

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c2109b-4911-60331b9d284c6-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5131

GET
H/1.1 200
OK draggable.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 18 KB
5 KB 1042ms
192ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/draggable.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 6d5db554f7ae65713d70fd359a046d051dada869941279557a39d0749beded33

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c210a0-4791-60331b9d27cf6-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 4656

GET
H/1.1 200
OK controlgroup.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 1144ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/controlgroup.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c21064-1126-60331b9d25db6-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1443

GET
H/1.1 200
OK checkboxradio.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 4 KB
2 KB 1152ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/checkboxradio.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c21060-10d5-60331b9d280de-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1273

GET
H/1.1 200
OK button.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 6 KB
2 KB 1154ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/button.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: c2e7e1df5aa596aa4afbf50374723963b66d3c94348d1410f2256d4aa86ddbaf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c21067-17f8-60331b9d284c6-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1814

GET
H/1.1 200
OK dialog.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ui/ 13 KB
4 KB 1190ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/ui/dialog.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: a4bddb9535f5e3fe9e500616b2f1e4b10e1a5930a197848966a7c316838570a0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 12:32:46 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17c21073-329d-60331b9d28c97-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 3618

GET
H/1.1 200
OK events-manager.min.js Show response
theresortatsummerlin.com/wp-content/plugins/events-manager/includes/js/ 327 KB
82 KB 1264ms
224ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/events-manager/includes/js/events-manager.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 8d739e9bc6d43b6b3f01e43cab3449079d5cf1f2a88203682afee48a038346e5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Dec 2023 20:13:15 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "14002297-51b3e-60c419062c987-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 83106

GET
H/1.1 200
OK rbtools.min.js Show response
theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/js/ 161 KB
59 KB 206ms
205ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Content-Encoding: br
Last-Modified: Mon, 02 Oct 2023 15:26:41 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "8c08707-285db-606bd66add759-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 59633

GET
H/1.1 200
OK rs6.min.js Show response
theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/js/ 403 KB
99 KB 222ms
222ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 01a3f7860268b6b3b73afda4f0c9aa7c5b1a56b397a31c39138ee7380d8336df

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Content-Encoding: br
Last-Modified: Mon, 02 Oct 2023 15:26:41 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "8c08708-64b31-606bd66ad0468-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 101067

GET
H/1.1 200
OK js-anim.js Show response
theresortatsummerlin.com/wp-content/themes/rampartcasino/js/ 20 KB
5 KB 1234ms
192ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/js/js-anim.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 3f3ab657495aa2eb810cc45aa1e9faf179f4fcd1b621dc722fba93fcaaff2d28

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6c00fca-4e3d-5f8fc9ad8c0fb-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4252

GET
H/1.1 200
OK popup.js Show response
theresortatsummerlin.com/wp-content/themes/rampartcasino/js/ 401 B
630 B 1336ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/js/popup.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 347d7d441882d9b031d7cff98ccff8abf210f5def49e76d8d27e60a97b77b2f5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6c00fce-191-5f8fc9ad8c4e3-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 213

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 145 KB
55 KB 82ms
80ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NDZJXF3

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5a8f9c0147bd0fa56995e20612b6beb5338e391640d653b998016b0459416c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56151
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Dec 2023 11:50:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 203 KB
73 KB 75ms
74ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MF3SKNP

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b7376e6a285e38d254204d0fa6aa29a9280308c4d4bf0e2e92c55e47d1fac920

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75103
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Dec 2023 11:50:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 165 KB
59 KB 109ms
108ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PLJTQZS2

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

897612bbd73c05d233cb2e1a9128058e27551b77a0e56b24f8d57a9d35de00b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:36 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60566
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 31 Dec 2023 11:50:36 GMT

GET
H/1.1 200
OK dummy.png
theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/assets/ 68 B
422 B 190ms
190ms Image
image/png 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Last-Modified: Mon, 02 Oct 2023 15:26:38 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "9401c42-44-606bd667b2299"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 68

GET
H2 200 odometer-theme-default.css
github.hubspot.com/odometer/themes/ 4 KB
2 KB 174ms
87ms Stylesheet
text/css 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://github.hubspot.com/odometer/themes/odometer-theme-default.css

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b7044ab9a3f46f4890fae92fd21c2399ea637809a9c79c1c358e24588347532f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-fastly-request-id: 61e77ea380c1c00154f21acfa4504b36934f14a8
date: Sun, 31 Dec 2023 11:50:35 GMT
via: 1.1 varnish
content-encoding: br
expires: Tue, 19 Dec 2023 19:47:45 GMT
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-proxy-cache: MISS
x-cache: MISS
x-served-by: cache-bma1651-BMA
last-modified: Wed, 20 Jun 2018 19:00:44 GMT
server: cloudflare
x-github-request-id: 320A:11FA8:18E0FAA:194B70E:65412AA5
x-timer: S1698769574.476147,VS0,VE122
etag: W/"5b2aa45c-fac"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kN3DtbIjGnWE7px9GKtnchLQJrKHARdNg26PW4rCQT6mdKSxEQWvRofIJEaju7P%2FLyzML1UNggLmY5gSRexOfzGTVdAkCM6p7liqp6MIgxn8uSix4cCbv0YosghfEEUcQ8OiGiY9R2WnRvy3VeUAzg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-origin-cache: HIT
cf-ray: 83e24e46a87ed93f-HEL
x-cache-hits: 0

GET
H2 200 css
fonts.googleapis.com/ 2 KB
994 B 200ms
70ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400&display=swap

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 11:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 11:43:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 11:50:35 GMT

GET
H/1.1 200
OK revicons.woff
theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/fonts/revicons/ 7 KB
8 KB 1313ms
191ms Font
font/woff 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/fonts/revicons/revicons.woff?5510888
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686

Request headers

Referer: https://theresortatsummerlin.com/
Origin: https://theresortatsummerlin.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 02 Oct 2023 15:27:08 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "80000f2-1d70-606bd68511db8-br"
Vary: Accept-Encoding
Content-Type: font/woff
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7459

GET
H/1.1 200
OK rs6.css
theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/css/ 57 KB
12 KB 196ms
195ms Stylesheet
text/css 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/css/rs6.css
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 02 Oct 2023 15:26:40 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6000129-e3d7-606bd66991e8c-br"
Vary: Accept-Encoding
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 11968

GET
H/1.1 200
OK jquery.fitvids.js Show response
theresortatsummerlin.com/wp-content/themes/rampartcasino/js/FitVids.js-master/ 3 KB
2 KB 191ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/js/FitVids.js-master/jquery.fitvids.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 7746056c991475c9236a4436e376508eee33b50db8d63b581bfc8890b3d7dbf1

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 19:09:04 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "70088e5-d6b-603374326944b-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1169

GET
H/1.1 200
OK FitVids.js Show response
theresortatsummerlin.com/wp-content/themes/rampartcasino/js/ 176 B
532 B 191ms
190ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/js/FitVids.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 4957206b5799b2abb90dbe6bcad86e6b166e2975d8c0ae8fa8464525a2410aa5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6c00fcd-b0-5f8fc9ad8c4e3-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 116

GET
H/1.1 200
OK auto_image_alt.js Show response
theresortatsummerlin.com/wp-content/plugins/auto-image-alt/js/ 573 B
644 B 191ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/auto-image-alt/js/auto_image_alt.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 90b91e17c86159aaf7840b1a00bfe8633968d7ee6ff706cf57b2bb46e676b099

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:17 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "b007414-23d-5f8fc9ae407c4-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 227

GET
H/1.1 200
OK imagesloaded.min.js Show response
theresortatsummerlin.com/wp-includes/js/ 5 KB
2 KB 191ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/imagesloaded.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:18 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "d805af9-15fd-5f8fc9af02566-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 1733

GET
H/1.1 200
OK masonry.min.js Show response
theresortatsummerlin.com/wp-includes/js/ 24 KB
7 KB 195ms
193ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/masonry.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:18 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "d805b1a-5e4a-5f8fc9af0e0e8-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 7130

GET
H/1.1 200
OK jquery.masonry.min.js Show response
theresortatsummerlin.com/wp-includes/js/jquery/ 2 KB
1 KB 192ms
190ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-includes/js/jquery/jquery.masonry.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:18 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "17808d5b-71b-5f8fc9af08af7-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 628

GET
H/1.1 200
OK rsvp.js Show response
theresortatsummerlin.com/wp-content/plugins/wc-shortcodes/public/assets/js/ 1 KB
750 B 193ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/wc-shortcodes/public/assets/js/rsvp.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 9b0d3d5c0f4356eb0d53766a79309c5aee5ea3f1488742bca515b8e77c9a21d8

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:17 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "14c06c35-43f-5f8fc9adedf6c-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 332

GET
H/1.1 200
OK jquery.main.js Show response
theresortatsummerlin.com/wp-content/themes/rampartcasino/js/ 134 KB
38 KB 202ms
201ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/js/jquery.main.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 26a3959164457c1a0af0c8e9e477ea8ce919ee74014a5d7889b8c4c5af80fe78

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Fri, 18 Aug 2023 19:07:14 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6c00fcb-21922-603373c9271e3-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 38564

GET
H/1.1 200
OK anim-init.js Show response
theresortatsummerlin.com/wp-content/themes/rampartcasino/js/ 632 B
715 B 191ms
190ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/js/anim-init.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 06e5b84544863dd8023c2daf43d7c50f7cbfc43b17a41ef4feeea403af932485

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6c00fc9-278-5f8fc9ad8c0fb-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 298

GET
H/1.1 200
OK jquery.fancybox.min.js Show response
theresortatsummerlin.com/wp-content/plugins/easy-fancybox/fancybox/1.5.4/ 17 KB
6 KB 193ms
192ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/easy-fancybox/fancybox/1.5.4/jquery.fancybox.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: e0a709b63261993d42234f053ee43b75d43af3d7b0f147eced60c97c3e6c8f95

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:17 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "1049303-454a-5f8fc9adf25bd-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 5343

GET
H/1.1 200
OK jquery.easing.min.js Show response
theresortatsummerlin.com/wp-content/plugins/easy-fancybox/vendor/ 2 KB
1 KB 191ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/easy-fancybox/vendor/jquery.easing.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:17 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "16004531-8fe-5f8fc9adeeb24-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 734

GET
H/1.1 200
OK smush-lazy-load.min.js Show response
theresortatsummerlin.com/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 191ms
191ms Script
application/javascript 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Content-Encoding: br
Last-Modified: Mon, 11 Dec 2023 20:13:45 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "94001cf-1ef2-60c41923895c5-br"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=89
Content-Length: 3554

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/925875801/ 3 KB
2 KB 228ms
100ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925875801/?random=1704023435508&cv=11&fst=1704023435508&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheresortatsummerlin.com%2F&hn=www.googleadservices.com&frm=0&tiba=Rampart%20Casino%20at%20the%20Resort%20at%20Summerlin%2C%20NV%20%7C%20Las%20Vegas%20Hotels&auid=455333034.1704023436&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-925875801

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d23752e8b1cba79802c6c4b004a67de70690119570a233746fdc2966b411348

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1287
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
617 B 76ms
75ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Hind:400,300,500,600,700

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4d7b9d1069028ea92e5e75de84ff2876e828caf5e4b65decd79872b3de273548

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 11:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 11:50:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 11:50:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 1 KB
544 B 73ms
73ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merienda

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

43cc10f626704c5884ef680fc0b14bcc5274f7cbdde83fc3e590e798644cbe17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 11:50:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 31 Dec 2023 11:49:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 31 Dec 2023 11:50:35 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 305ms
58ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Sun, 31 Dec 2023 11:44:10 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: AX9NJC2Y1E26YZH5
age: 388
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: pT8Oj97nQG2wQhtkT1gdMTmzDcITs1AGPzt6dasDadak3CiERoL9XbTJYCCa7nVWVdtsDCyigRXPDrzzMAaAsA==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK icomoon.ttf
theresortatsummerlin.com/wp-content/themes/rampartcasino/fonts/ 2 KB
2 KB 257ms
191ms Font
font/ttf 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/fonts/icomoon.ttf?u50dek
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: b75309a1a7f739248c80dfc96d9bc80efaf35221b49e9b3ef4a8475796b93eed

Request headers

Referer: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/style.css
Origin: https://theresortatsummerlin.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:36 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "60000d1-7b4-5f8fc9ad89603-br"
Vary: Accept-Encoding
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1259

GET
H/1.1 200
OK gotham-bold-webfont.ttf
theresortatsummerlin.com/wp-content/themes/rampartcasino/fonts/ 38 KB
20 KB 302ms
195ms Font
font/ttf 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/fonts/gotham-bold-webfont.ttf?hm2kg8
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 7d8c8fb83c837d7fcf5e28db90261ec8c08277c214d77be47c8e9de0fe638a9a

Request headers

Referer: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/style.css
Origin: https://theresortatsummerlin.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "60000d2-9920-5f8fc9ad89603-br"
Vary: Accept-Encoding
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 20184

GET
H/1.1 200
OK gotham-book-webfont.ttf
theresortatsummerlin.com/wp-content/themes/rampartcasino/fonts/ 39 KB
20 KB 382ms
195ms Font
font/ttf 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/fonts/gotham-book-webfont.ttf?hm2kg8
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/style.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 327a51e89967ef2b03658329373d060b47dfc7b3c3998f489cc4850e114ac8b4

Request headers

Referer: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/style.css
Origin: https://theresortatsummerlin.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Content-Encoding: br
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "60000d4-9a5c-5f8fc9ad89603-br"
Vary: Accept-Encoding
Content-Type: font/ttf
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 20547

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 183ms
55ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: eb6398a0114471edabc6249e08a1bee85f0df4c7176b379912020b2cda9ad577

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 31 Dec 2023 11:50:36 GMT
via: 1.1 0a71d283a25c1e3f082b4dbc9d844dfe.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 1316
x-amz-cf-pop: FRA60-P3
age: 492
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1704022120
x-77-nzt: EgwBnJIhiAH3JAUAAAwBJRPCLgH3DgAAAA
x-accel-expires: @1704025720
x-77-age: 1330
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:39 GMT
server: CDN77-Turbo
etag: W/"b9c3898b29dc13b93eb75f9925d043ea"
x-77-nzt-ray: f6587a1d96c26f828d559165ac2c0200
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=3600, public
content-type: application/javascript
x-amz-cf-id: WvVI8t2ga6qK14w2w1nRup7W2ykZSF4v61DRCZ6lyPk3Riswn7UvFQ==

GET
H/1.1 200
OK purplepattern.jpg
theresortatsummerlin.com/wp-content/themes/rampartcasino/images/ 131 KB
131 KB 191ms
191ms Image
image/jpeg 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/images/purplepattern.jpg
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 768d5a5bf23dfd2aea306622043e8f59253e18200941588ca825bedda55712ae

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6409ada-20c3c-5f8fc9ad8a5a3"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 134204

GET
H2 200 5aU69_a8oxmIdGl4BA.woff2
fonts.gstatic.com/s/hind/v16/ 16 KB
16 KB 189ms
61ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/hind/v16/5aU69_a8oxmIdGl4BA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Hind:400,300,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://theresortatsummerlin.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sat, 30 Dec 2023 04:31:29 GMT
x-content-type-options: nosniff
age: 112748
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16216
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:45:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Dec 2024 04:31:29 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 190ms
60ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NDZJXF3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 31 Dec 2023 11:22:25 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1692
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 31 Dec 2023 13:22:25 GMT

GET
H/1.1 200
OK / Show response
rrc.netmng.com/ 269 B
1 KB 776ms
60ms Script
text/javascript 193.0.160.52
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://rrc.netmng.com/?aid=5970&siclientid=
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.52 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 268fe890a73de1a0eccb474a409549f39c29fd98db6016a75625c480cda5ae60

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Fri, 29 Dec 2023 11:50:37 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Fri, 29 Dec 2023 11:50:37 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 236ms
66ms Script
application/x-javascript 2600:9000:20b4:1600:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20b4:1600:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 10:50:39 GMT
content-encoding: gzip
via: 1.1 6fe2d3277e4f5f1aafe45d46bdc36cf0.cloudfront.net (CloudFront)
last-modified: Sun, 31 Dec 2023 10:50:29 GMT
server: Jetty(9.4.51.v20230217)
x-amz-cf-pop: AMS58-P4
age: 3598
x-cache: Hit from cloudfront
content-type: application/x-javascript
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: public, max-age=3600
content-length: 6162
x-amz-cf-id: KBfbET68zH7cRzvAcaWneuukZ-QAyf_HaQeKtKNlSLSfSwvSX3zUvQ==
expires: Sun, 31 Dec 2023 11:50:39 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/px?id=1738673&t=2
https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1738673%26t%3D2

43 B
842 B

64ms
64ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1738673%26t%3D2

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
an-x-request-uuid: 1285d997-a88c-461b-bdd4-2af57a0e3e71
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
an-x-request-uuid: bc40b7b0-79ff-4d57-b6ea-d4c6dfeaf692
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1738673%26t%3D2
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=35396786
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D35396786

43 B
842 B

57ms
57ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D35396786

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
an-x-request-uuid: 8afd1d9c-0e92-47f0-bdf5-9b0e842aad4b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
an-x-request-uuid: c04294ff-991f-4ece-a443-3a07c3b9b5de
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D35396786
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cookieconsent.min.css
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 5 KB
2 KB 119ms
47ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.css

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF3SKNP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41106
x-jsd-version: 3.1.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230078-FRA, cache-bma1651-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"135e-3nthfC1sCV/yhiNebPZMMo2hpL8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqqEuHWpA0sNYqTI71EmVjL4s%2BJ8gwQU13vYEJfWQHDVhSrFyYkc3hc2%2FDMzt5j%2FZUTr8meADBt3e0MoJCQR1AP0gNdBc6eRmtjBxYfQDkQBTTZ%2B2QgB5%2B8ofLD3JrhumCgd%2FWjNBJyAcSM6LEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83e24e51eefc70fe-HEL

GET
H2 200 cookieconsent.min.js Show response
cdn.jsdelivr.net/npm/cookieconsent@3/build/ 20 KB
7 KB 81ms
51ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/cookieconsent@3/build/cookieconsent.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF3SKNP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 41178
x-jsd-version: 3.1.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230120-FRA, cache-bma1677-BMA
x-jsd-version-type: version
server: cloudflare
etag: W/"50d5-nLraS9YXyGxjjPLr3exyStWWkHs"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2Evd7mNn5VwiZfUZ5hUoLnWkG2c4nyIsCuAaPx4CKnd897WPckey8n75%2FS%2FITLrM0gWS9vGsJXPea7IUTuiT2ljSolpbJx9gTCtlaLkrgDKi2pMn2KmBDvVdVidDvZr8iAMt%2BzxoR9PwoCLL38E%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 83e24e51ef0170fe-HEL

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=14695675&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14695675%26t%3D1

0
808 B

57ms
57ms

Script
application/javascript

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14695675%26t%3D1

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
an-x-request-uuid: 2fcdb026-512a-4b53-b698-a5039e73af24
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
an-x-request-uuid: d2e61665-0e26-41e0-b372-6d8e48820cd9
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D14695675%26t%3D1
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/925875801/ 42 B
455 B 201ms
72ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/925875801/?random=1704023435508&cv=11&fst=1704020400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheresortatsummerlin.com%2F&frm=0&tiba=Rampart%20Casino%20at%20the%20Resort%20at%20Summerlin%2C%20NV%20%7C%20Las%20Vegas%20Hotels&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_5vGwhfTHi41XT2nsT1W_bP6XGonnwQ&random=2365355241&rmt_tld=0&ipr=y

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.fi/pagead/1p-user-list/925875801/ 42 B
455 B 232ms
72ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-user-list/925875801/?random=1704023435508&cv=11&fst=1704020400000&bg=ffffff&guid=ON&async=1&gtm=45be3bt0&u_w=1600&u_h=1200&url=https%3A%2F%2Ftheresortatsummerlin.com%2F&frm=0&tiba=Rampart%20Casino%20at%20the%20Resort%20at%20Summerlin%2C%20NV%20%7C%20Las%20Vegas%20Hotels&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_5vGwhfTHi41XT2nsT1W_bP6XGonnwQ&random=2365355241&rmt_tld=1&ipr=y

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10055360.json Show response
s.yimg.com/wi/config/ 2 B
487 B 272ms
157ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10055360.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-request-id: AVQ5Q48Y8Q0VW5SX
age: 0
content-length: 22
x-amz-id-2: GuRsgCkUk6fsEI0obQm2hdv+4bgCFOJ76pPXzftTL5gKQVjv0k8X9gFx+vq3Ma+vTp41BzU13bk=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
228 B 68ms
67ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1346366551&t=pageview&_s=1&dl=https%3A%2F%2Ftheresortatsummerlin.com%2F&ul=en-us&de=UTF-8&dt=Rampart%20Casino%20at%20the%20Resort%20at%20Summerlin%2C%20NV%20%7C%20Las%20Vegas%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=863826156&gjid=967373493&cid=1623275920.1704023437&tid=UA-29231856-1&_gid=456958285.1704023437&_r=1&_slc=1&gtm=45He3bt0n81NDZJXF3&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=561156538

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

856ab77157eae534661bc4cf795e067a5f13820d4e2d9701b6e323f5788e670c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theresortatsummerlin.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theresortatsummerlin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ec65c79a-5fb3-4acc-96d9-a5a36d524fd9 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 192ms
61ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/ec65c79a-5fb3-4acc-96d9-a5a36d524fd9
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MF3SKNP
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: fe203f7ec2e125e1d7bb1cecbc6fd182e383993398962f173faaf8b94f11d5bf

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F6XoSbssV857bf_aiqmB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ca.html Show response
20851055p.rfihub.com/ Frame 421C 5 KB
6 KB 377ms
64ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20851055p.rfihub.com/ca.html?ver=9&rb=50021&ca=20851055&_o=50021&_t=20851055&pe=https%3A%2F%2Ftheresortatsummerlin.com%2F&pf=&ra=5247279260829676
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: a5bd3bb26338c4a6832794fb44fd11c79290dc16caf9918cafacb7e8d984f180

Request headers

Referer: https://theresortatsummerlin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4922
Content-Type: text/html;charset=utf-8
Date: Sun, 31 Dec 2023 11:50:37 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H/1.1 200
OK ca.html Show response
20851056p.rfihub.com/ Frame 7910 5 KB
6 KB 315ms
61ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20851056p.rfihub.com/ca.html?ver=9&rb=50021&ca=20851056&_o=50021&_t=20851056&pe=https%3A%2F%2Ftheresortatsummerlin.com%2F&pf=&ra=8507343422063134
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 4557b6f11b5a5bb591f8a3cccc7c0883a2ec42230bc96b032d425d41d235adc6

Request headers

Referer: https://theresortatsummerlin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Cache-Control: no-cache
Content-Length: 4922
Content-Type: text/html;charset=utf-8
Date: Sun, 31 Dec 2023 11:50:37 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 196ms
66ms XHR
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-29231856-1&cid=1623275920.1704023437&jid=863826156&gjid=967373493&_gid=456958285.1704023437&_u=YEBAAEAAAAAAACAAI~&z=1757873347

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://theresortatsummerlin.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 31 Dec 2023 11:50:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theresortatsummerlin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 242 KB
84 KB 78ms
77ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V8TD19BBZG&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b18c313efdeda8074f2cbaf880d6e09d6b885092bf718cdfbc78842c34b73f70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:37 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85782
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 31 Dec 2023 11:50:37 GMT

GET
H/1.1 200
OK logo.png
theresortatsummerlin.com/wp-content/themes/rampartcasino/images/ 13 KB
13 KB 191ms
190ms Image
image/png 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/images/logo.png
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 15520e3700378373dd78bc29a2c3ab91642a3caf4bc2c66310f5db193e921fd4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6409ae5-32f8-5f8fc9ad8ad73"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=88
Content-Length: 13048

GET
H/1.1 200
OK icon-griffin.png
theresortatsummerlin.com/wp-content/themes/rampartcasino/images/ 1 KB
2 KB 193ms
192ms Image
image/png 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/images/icon-griffin.png
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 221f460e25860fe5f822248bd0923f4d0bda02b1282a8000e499b3e6dc56bc21

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6409af6-514-5f8fc9ad8bd13"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1300

GET
H/1.1 200
OK 4653_RampartRewardsApp_Ongoing_May2022_370x250-300x203.jpg
theresortatsummerlin.com/wp-content/uploads/2022/04/ 18 KB
18 KB 192ms
191ms Image
image/jpeg 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/uploads/2022/04/4653_RampartRewardsApp_Ongoing_May2022_370x250-300x203.jpg
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 26687d0d7506d32071235f7b59d6f625ffcea714874f993c1d5f9af84f94ea2e

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Thu, 21 Apr 2022 00:47:41 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "e811b06-471b-5dd1f750c0540"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 18203

GET
H/1.1 200
OK Unknown-300x203.jpeg
theresortatsummerlin.com/wp-content/uploads/2022/08/ 23 KB
24 KB 191ms
190ms Image
image/jpeg 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/uploads/2022/08/Unknown-300x203.jpeg
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 398ecef989d2d3f1ac867d4c2bd553c2aeb337e031c6d425a2283817d2d89ddc

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Fri, 18 Aug 2023 13:12:07 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "e0097f3-5dc0-603324690aa27"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 24000

GET
H/1.1 200 15283 Show response
marketing.theresortatsummerlin.com/cdnr/87/acton/bn/tracker/ 5 KB
5 KB 749ms
193ms Script
application/javascript 207.189.124.17
ASN-FLEXENTIAL

General

Check archive.org

Show headers Download Go to

Full URL

https://marketing.theresortatsummerlin.com/cdnr/87/acton/bn/tracker/15283

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.17 Highlands Ranch, United States, ASN13649 (ASN-FLEXENTIAL, US),

Reverse DNS

forpci87.actonsoftware.com

Software

Resource Hash

34cbf3228071638e2f9dfba3c28372bfb3007ac64cafbf2d24fa3b24580027b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: application/javascript;charset=utf-8
Date: Sun, 31 Dec 2023 11:50:37 GMT
X-Cnection: close
Strict-Transport-Security: max-age=16070400
Content-Length: 4861
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"

GET
H2 200 widget_app_base_1703682904009.js Show response
cdn.userway.org/widgetapp/2023-12-27-13-15-04/ 137 KB
41 KB 170ms
58ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: fef48719eaa745024d0b801254bd0fc8907d2eae226fb77b8550bce864ebd33b

Request headers

Referer: https://theresortatsummerlin.com/
Origin: https://theresortatsummerlin.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 31 Dec 2023 11:50:37 GMT
via: 1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 339796
x-amz-cf-pop: FRA60-P3
age: 490
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683641
x-77-nzt: EgwBnJIhiAH3VC8FAAwBJRPCKAH3EAAAAA
x-accel-expires: @1729603625
x-77-age: 339812
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:34 GMT
server: CDN77-Turbo
etag: W/"eb0a361513cfc3cde5aea3a3fe34989f"
x-77-nzt-ray: f6587a1d82d1df8c8d55916544fde41c
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: PcHnDQhh0EHFRu14yTbQGzTkgxJmvsSV78MWi7WXTShhHtDfo4TfgQ==

GET
H/1.1 200
OK 181518
bidagent.xad.com/conv/ 42 B
342 B 562ms
136ms Image
image/gif 54.164.61.213
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidagent.xad.com/conv/181518?ts=1704023437344
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.164.61.213 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-164-61-213.compute-1.amazonaws.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Connection: keep-alive
Content-Length: 42
Content-Type: image/gif

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
633 B 252ms
76ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Sun%2C%2031%20Dec%202023%2011%3A50%3A37%20GMT&n=-2&b=Rampart%20Casino%20at%20the%20Resort%20at%20Summerlin%2C%20NV%20%7C%20Las%20Vegas%20Hotels&.yp=10055360&f=https%3A%2F%2Ftheresortatsummerlin.com%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Sun, 31 Dec 2023 11:50:37 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 102ms
34ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-V8TD19BBZG&gtm=45je3bt0v9123819011&_p=1704023435183&_gaz=1&gcd=11l1l1l1l2&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=1623275920.1704023437&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Ftheresortatsummerlin.com%2F&dt=Rampart%20Casino%20at%20the%20Resort%20at%20Summerlin%2C%20NV%20%7C%20Las%20Vegas%20Hotels&sid=1704023437&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3517
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V8TD19BBZG&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theresortatsummerlin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 65ms
65ms Ping
text/plain 2a00:1450:400c:c1d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-V8TD19BBZG&cid=1623275920.1704023437&gtm=45je3bt0v9123819011&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V8TD19BBZG&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c1d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theresortatsummerlin.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 87ms
86ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-V8TD19BBZG&cid=1623275920.1704023437&gtm=45je3bt0v9123819011&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l2&z=808277367

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 87ms
87ms Image
image/gif 2a00:1450:4001:80b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-29231856-1&cid=1623275920.1704023437&jid=863826156&_u=YEBAAEAAAAAAACAAI~&z=1536791829

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.fi/ads/ 42 B
107 B 85ms
85ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-29231856-1&cid=1623275920.1704023437&jid=863826156&_u=YEBAAEAAAAAAACAAI~&z=1536791829

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 7910
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5141210829010348943&referrer=https%3A%2F%2Ftheresortatsummerlin.com%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0b1-b1c8119...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0...
https://idsync.rlcdn.com/501709.gif?partner_uid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&_=1704023437.799462
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH_ZvH2jMqbKlPrxTUTWx2A&google_cver=1

42 B
60 B

68ms
68ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH_ZvH2jMqbKlPrxTUTWx2A&google_cver=1
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH_ZvH2jMqbKlPrxTUTWx2A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

480429.gif
idsync.rlcdn.com/ Frame 7910
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MTIxMDgyOTAxMDM0ODk0Mw==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEBHseaBGRl9V9wyzpg2HHtI&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0b1-b1c8119...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0...
https://idsync.rlcdn.com/501709.gif?partner_uid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&_=1704023438.2587729
https://cookie-matching.mediarithmics.com/v1/get_user_agent_id?dom_token=lvr18
https://cookie-matching.mediarithmics.com/v1/get_or_create?domid=1052
https://cm.g.doubleclick.net/pixel?google_nid=medr&google_cm&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx
https://cookie-matching.mediarithmics.com/input?key=GOO&key=GOO&action=GET_ID&opid=goo&etid=&domid=1052&ops=apx&google_gid=CAESENQq_cWmUXMg7RyAcUqrZRo&google_cver=1
https://ib.adnxs.com/getuid?https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=$UID&opid=apx&ops=&utidl=tech:goo:CAESENQq_cWmUXMg7RyAcUqrZRo&action=GET_ID&etid=&domid=1052
https://cookie-matching.mediarithmics.com/input?key=APX&apx_uid=4503231902762533645&opid=apx&ops=&utidl=tech:goo:CAESENQq_cWmUXMg7RyAcUqrZRo&action=GET_ID&etid=&domid=1052
https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A64945631648

42 B
60 B

66ms
66ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A64945631648
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:39 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

location: https://idsync.rlcdn.com/480429.gif?partner_uid=vec%3A64945631648
date: Sun, 31 Dec 2023 11:50:39 GMT
strict-transport-security: max-age=63072000;includeSubDomains;preload
content-length: 0

GET
H2 200 setuid
ib.adnxs.com/ Frame 7910 43 B
835 B 108ms
106ms Image
image/gif 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5141210829010348943

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
an-x-request-uuid: 520340e3-32dd-4765-9489-fc69ab5b9c8b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 7910
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5141210829010348943&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210829010348943&redir=

42 B
717 B

77ms
76ms

Image
image/gif

52.49.2.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210829010348943&redir=

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Server

52.49.2.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-2-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-038fdd4b2.edge-irl1.demdex.com 2 ms
pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: W46d4NjUTPU=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-06e6f5928.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: dYtXg7wjTJw=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5141210829010348943&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 7910 0
74 B 216ms
64ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5141210829010348943&r=
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 31 Dec 2023 11:50:37 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 7910 43 B
264 B 147ms
63ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5141210829010348943&r=
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 7910
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5141210829010348943&bid=omt9pi0

0
344 B

227ms
55ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5141210829010348943&bid=omt9pi0
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:38 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5141210829010348943&bid=omt9pi0
Date: Sun, 31 Dec 2023 11:50:37 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 7910 57 B
619 B 246ms
114ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5141210829010348943

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 11:50:37 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Sun, 31 Dec 2023 11:50:37 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 7910 43 B
108 B 503ms
195ms Image
image/gif 44.210.41.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5141210829010348943
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.41.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-41-244.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame 7910
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210829010348943&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210829010348943&forward=&C=1

43 B
340 B

84ms
83ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5141210829010348943&forward=&C=1
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CPdmQyLO6%2FvQdvu7Asnk9azo%2FDUKNPsGoTsQM4fso1RBnBi7xskFbrjvTJpCzyTHzMjiCWBL%2FT0j213yPEy8ohy%2BAjN4Dh9MTeWrH1Vhv%2Fw5dhzwB1hbnv5hXABtYkewGahnkLXDKRz6Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83e24e55fbbc2d83-ARN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=54ZFNMBYpMW3i7xs9WUqP%2Fdl6X77zkCHQ3LcSDXXO9AT%2FJabuxA52%2FvJwvpbc81pdHiUpRwQ1tEkxUz6ZB5VHphjyF9NEqyL3eMDNTSToL%2FxsngyaMDZUfa8DMIQNqvSP7EayyOVDQGkng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5141210829010348943&forward=&C=1
cache-control: no-cache
cf-ray: 83e24e557af42d83-ARN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 7910 42 B
440 B 143ms
67ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5141210829010348943
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:37 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 7910 43 B
182 B 350ms
210ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5141210829010348943

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-169-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 31 Dec 2023 11:50:38 GMT
pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame 7910 43 B
175 B 437ms
133ms Image
image/gif 2600:1f18:612b:4264:b711:868:5175:f82d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5141210829010348943&r=XzQU_SucboNo
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:b711:868:5175:f82d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 31 Dec 2023 11:50:38 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 7910 43 B
377 B 234ms
72ms Image
image/gif 54.216.96.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5141210829010348943
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.96.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-96-95.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 7910 0
338 B 258ms
73ms Image
text/plain 52.49.16.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5141210829010348943
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.16.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-16-44.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n023-dub-prod.krxd.net
date: Sun, 31 Dec 2023 11:50:38 GMT
cache-control: private, no-cache, no-store
x-request-time: D=35 t=1704023438
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame 7910 43 B
146 B 278ms
54ms Image
image/gif 52.57.107.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5141210829010348943&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.107.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-107-196.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 7910
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZFVjQALBt7xJgBH
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZFVjQALBt7xJgBH&_test=ZZFVjQALBt7xJgBH

42 B
1 KB

58ms
58ms

Image
image/gif

193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZFVjQALBt7xJgBH&_test=ZZFVjQALBt7xJgBH
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851056p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 31 Dec 2023 11:50:38 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-ams21065-AMS
pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704023438.998962,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZFVjQALBt7xJgBH&_test=ZZFVjQALBt7xJgBH
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 EgbLUUdEkh Show response
api.userway.org/api/tunings/ 1 KB
2 KB 580ms
187ms XHR
application/json 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/EgbLUUdEkh
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9d13a4755a9f397e7f33ce9582a4768818a055950026981242a3e9a6faeaa8ed

Request headers

Referer: https://theresortatsummerlin.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
etag: W/"5a1-bkMrQ0hDVbx853WwjIxv4quoZ7M"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-service-request-id: usr4cf84ca384f946a
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: *
content-length: 1441
x-service-version: uw-pr

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 421C
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=5108559731744733490&bid=omt9pi0

0
344 B

218ms
54ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=5108559731744733490&bid=omt9pi0
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:38 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=5108559731744733490&bid=omt9pi0
Date: Sun, 31 Dec 2023 11:50:37 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 421C
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=ZZFVjQALA3u-TQBd
https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZFVjQALA3u-TQBd&_test=ZZFVjQALA3u-TQBd

42 B
1 KB

58ms
58ms

Image
image/gif

193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZFVjQALA3u-TQBd&_test=ZZFVjQALA3u-TQBd
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 31 Dec 2023 11:50:38 GMT
Cache-Control: no-cache
Server: Jetty(9.4.51.v20230217)
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-ams21065-AMS
pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1704023438.941272,VS0,VE0
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=ZZFVjQALA3u-TQBd&_test=ZZFVjQALA3u-TQBd
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

362358.gif
idsync.rlcdn.com/ Frame 421C
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer=https%3A%2F%2Ftheresortatsummerlin.com%2F&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=99f975ea-46d5-49ba-aee6-1d5a6a526aa4%3A1704023437.796984&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D99f975ea-46d5-49ba-aee6-1d5a6a52...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D99f975ea-46d5-49ba-ae...
https://idsync.rlcdn.com/501709.gif?partner_uid=99f975ea-46d5-49ba-aee6-1d5a6a526aa4%3A1704023437.796984&_=1704023437.7990634
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH_ZvH2jMqbKlPrxTUTWx2A&google_cver=1

42 B
60 B

67ms
66ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH_ZvH2jMqbKlPrxTUTWx2A&google_cver=1
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEH_ZvH2jMqbKlPrxTUTWx2A&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

52154.gif
idsync.rlcdn.com/ Frame 421C
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTEwODU1OTczMTc0NDczMzQ5MA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESELBXaTygOvwo1vzE6N3Jhn8&google_cver=1
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=
https://p.rfihub.com/cm?pub=39342&in=0&userid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0b1-b1c8119...
https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=5108559731744733490&referrer={encSite}&forward=https%3A%2F%2Fidsync.rlcdn.com%2F501709.gif%3Fpartner_uid%3D5672c2ed-7417-4c06-a0...
https://idsync.rlcdn.com/501709.gif?partner_uid=5672c2ed-7417-4c06-a0b1-b1c8119cfd17%3A1704023437.7981136&_=1704023438.1174607
https://ib.adnxs.com/getuid?https%3A%2F%2Fidsync.rlcdn.com%2F52154.gif%3Fserved_by%3Devergreen%26partner_uid%3D%24UID
https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4503231902762533645

42 B
60 B

66ms
66ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4503231902762533645
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
an-x-request-uuid: f16ea4ef-373a-425c-b6f6-3c8ae335e32c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://idsync.rlcdn.com/52154.gif?served_by=evergreen&partner_uid=4503231902762533645
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 setuid
ib.adnxs.com/ Frame 421C 43 B
831 B 69ms
68ms Image
image/gif 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=5108559731744733490

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
an-x-request-uuid: 7079b4e4-e918-4e34-a1d7-73eb02fdab6c
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

demconf.jpg
dpm.demdex.net/ Frame 421C
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=5108559731744733490&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731744733490&redir=

42 B
717 B

76ms
75ms

Image
image/gif

52.49.2.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731744733490&redir=

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Server

52.49.2.43 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-2-43.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

dcs: dcs-prod-irl1-2-v054-074d8d8ae.edge-irl1.demdex.com 1 ms
pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: 9/vU5od/QLE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-05348b51c.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: qdsQsdB0RFs=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=5108559731744733490&redir=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 Pug
image2.pubmatic.com/AdServer/ Frame 421C 0
225 B 161ms
64ms Image
text/html 185.64.191.210
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw==&piggybackCookie=5108559731744733490&r=
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Sun, 31 Dec 2023 11:50:37 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sd
us-u.openx.net/w/1.0/ Frame 421C 43 B
97 B 93ms
64ms Image
image/gif 34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537073062&val=5108559731744733490&r=
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 421C 57 B
619 B 176ms
100ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=5108559731744733490

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Sun, 31 Dec 2023 11:50:37 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 57
x-mnet-hl2: E
expires: Sun, 31 Dec 2023 11:50:37 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 421C 43 B
109 B 428ms
175ms Image
image/gif 44.210.41.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=5108559731744733490
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.210.41.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-210-41-244.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:37 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 421C
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731744733490&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731744733490&forward=&C=1

43 B
764 B

68ms
68ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=5108559731744733490&forward=&C=1
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQ1g3DRy3VwIUU6IpFzXA7lj9adH5EWLDsskDjL9xNRWETprkj3ybWwG7p7XLPDmcSPoPsZ4avcsToMGprBg71mPcR8QvxTJyPlGbF3XS3qtK7d9o4vYnwJLK5eza1rEPlI26dRBzEwSNA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83e24e564d042d6e-ARN
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:37 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ba2lHk%2BSPDmt5DUIer9PTBqZ9q3LnK2xmijG2YzM3lcgoWqKhzkB8XHqEfN9hu85%2BLYWCf1J5zqgi%2BpiRvv1kh74PE8hYzLva5x5UrYNWOkGSG1SdZTsehpE3Hp7WhceYmqgwLqUeao%2FNg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=57&external_user_id=5108559731744733490&forward=&C=1
cache-control: no-cache
cf-ray: 83e24e55bb642d83-ARN
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 421C 42 B
278 B 127ms
68ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=5108559731744733490
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:37 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 421C 43 B
182 B 352ms
213ms Image
image/gif 72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=5108559731744733490

Requested by

Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a72-246-169-24.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

expires: Sun, 31 Dec 2023 11:50:38 GMT
pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 43
content-type: image/gif

GET
H2 200 sync
partners.tremorhub.com/ Frame 421C 43 B
174 B 438ms
134ms Image
image/gif 2600:1f18:612b:4264:b711:868:5175:f82d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=5108559731744733490&r=b_WrTXILkp_x
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4264:b711:868:5175:f82d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 31 Dec 2023 11:50:38 GMT
server: nginx
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 421C 43 B
376 B 249ms
73ms Image
image/gif 54.216.96.95
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=5108559731744733490
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.216.96.95 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-216-96-95.eu-west-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 421C 0
337 B 254ms
73ms Image
text/plain 52.49.16.44
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=5108559731744733490
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.16.44 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-16-44.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-served-by: beacon-n006-dub-prod.krxd.net
date: Sun, 31 Dec 2023 11:50:38 GMT
cache-control: private, no-cache, no-store
x-request-time: D=29 t=1704023438
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 sync
x.bidswitch.net/ Frame 421C 43 B
145 B 201ms
55ms Image
image/gif 52.57.107.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=119&user_id=5108559731744733490&expires=30&gdpr={GDPR}&gdpr_consent={GDPR_CONSENT_469}&gdpr_pd={GDPR_PD}
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.107.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-107-196.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://20851055p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK logo_rampartparty-2023.png
theresortatsummerlin.com/wp-content/themes/rampartcasino/images/ 44 KB
44 KB 191ms
191ms Image
image/png 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/images/logo_rampartparty-2023.png
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 983db66529c044e179ed23f5f10ac71636a58552b9a0ac29a3f84d0810e6155c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6409ae3-b088-5f8fc9ad8ad73"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 45192

GET
H/1.1 200
OK / Show response
rrc.netmng.com/ 1 B
1 KB 61ms
61ms Script
text/javascript 193.0.160.52
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://rrc.netmng.com/?aid=5970&siclientid=&cch
Requested by: Host: rrc.netmng.com
URL: https://rrc.netmng.com/?aid=5970&siclientid=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.52 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Fri, 29 Dec 2023 11:50:37 GMT
Server: nginx
Transfer-Encoding: chunked
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa PSAa OUR BUS COM NAV"
Content-Type: text/javascript; charset=UTF-8
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Expires: Fri, 29 Dec 2023 11:50:37 GMT

GET
H/1.1 200
OK logo-rarmpartroyals.png
theresortatsummerlin.com/wp-content/themes/rampartcasino/images/ 105 KB
105 KB 191ms
190ms Image
image/png 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/themes/rampartcasino/images/logo-rarmpartroyals.png
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: cabc70c32b857a552db8f176a4eef2c7a51c9db6cd653484b5d12e42f598060c

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Mon, 10 Apr 2023 14:58:16 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "6409ade-1a275-5f8fc9ad8a98b"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 107125

GET
H/1.1 200
OK loader.gif
theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/assets/ 2 KB
3 KB 191ms
191ms Image
image/gif 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/assets/loader.gif
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/css/rs6.css
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/wp-content/plugins/revslider/public/assets/css/rs6.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Mon, 02 Oct 2023 15:26:38 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "9406627-9f1-606bd6684ac0e"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 2545

GET
H/1.1 200
OK VegasLowRoller_SealOfApproval_Logo-250.png
theresortatsummerlin.com/wp-content/uploads/2023/12/ 48 KB
49 KB 191ms
191ms Image
image/png 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/uploads/2023/12/VegasLowRoller_SealOfApproval_Logo-250.png
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 40b7dfd5b07f384f467d27d2771868810a40ba03eeb9b1cb85b54e2d067833ae

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Wed, 13 Dec 2023 16:14:52 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "11400f84-c1f2-60c667793ff5d"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 49650

GET
H/1.1 200
OK Rampart_Casino_Floor_3022_v1_1409x577.jpg
theresortatsummerlin.com/wp-content/uploads/2023/08/ 194 KB
194 KB 191ms
191ms Image
image/jpeg 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/uploads/2023/08/Rampart_Casino_Floor_3022_v1_1409x577.jpg
Requested by: Host: theresortatsummerlin.com
URL: https://theresortatsummerlin.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: 6eb3e5b702e1be05fe2181fdac6c669fdbbe428189cd14dda70343667a6e0360

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:37 GMT
Last-Modified: Wed, 23 Aug 2023 19:17:48 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "13007a98-30892-6039bf78e35d6"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 198802

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2023-12-27-13-15-04/locales/ 500 B
962 B 56ms
56ms XHR
application/json 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 31 Dec 2023 11:50:38 GMT
via: 1.1 6ae82cc0c8a39c993134c2be90b4d120.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 339793
x-amz-cf-pop: FRA60-P3
age: 487
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683645
x-77-nzt: EgwBnJIhiAH3US8FAAwB1GY4nAH3EwAAAA
x-accel-expires: @1729603626
x-77-age: 339812
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:33 GMT
server: CDN77-Turbo
etag: W/"6c501e56c0883817da65e6df9f4417ee"
x-77-nzt-ray: f6587a1d82d1df8c8e5591658249520d
access-control-max-age: 3000
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/json
x-amz-cf-id: BwRWek_memvl-WuyC_WpTPqfRRLEwG46_Ddem12vDUhlkB3lG8Anvw==

GET
H2 200 p Show response
i.simpli.fi/ 809 B
771 B 69ms
60ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=399276&cb=sifi_att_2994354377942734._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/ec65c79a-5fb3-4acc-96d9-a5a36d524fd9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 397659fce53729d17f56fa5eadd0d3246717b317438a011342a737e7b48db61a

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200 15283
marketing.theresortatsummerlin.com/acton/bn/ 43 B
551 B 194ms
193ms Image
image/gif 207.189.124.17
ASN-FLEXENTIAL

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://marketing.theresortatsummerlin.com/acton/bn/15283?target=https%3A%2F%2Ftheresortatsummerlin.com%2F&ref=&v=2&ts=1704023437338&nc=0

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

207.189.124.17 Highlands Ranch, United States, ASN13649 (ASN-FLEXENTIAL, US),

Reverse DNS

forpci87.actonsoftware.com

Software

Resource Hash

2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sun, 31 Dec 2023 11:50:38 GMT
X-Cnection: close
Strict-Transport-Security: max-age=16070400
Content-Length: 43
Vary: Accept-Encoding
P3P: CP="Act-On does not have a P3P policy. Learn why here: https://act-on.com/p3p-policy/"

GET
H/1.1 200
OK CasinoPit_1409x577.jpg
theresortatsummerlin.com/wp-content/uploads/2016/05/ 1 MB
1 MB 193ms
193ms Image
image/jpeg 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/uploads/2016/05/CasinoPit_1409x577.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: f2400c8e4bbc7b9ac59a4b27b1b25cea3895b70265f636dc569ec657bee69ec4

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:38 GMT
Last-Modified: Wed, 18 May 2016 15:32:13 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "10de08d3-11b209-5331f8fcaf940"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1159689

GET
H/1.1 200
OK CasinoExterior_1409x577.jpg
theresortatsummerlin.com/wp-content/uploads/2016/09/ 646 KB
646 KB 191ms
190ms Image
image/jpeg 68.178.206.199
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theresortatsummerlin.com/wp-content/uploads/2016/09/CasinoExterior_1409x577.jpg
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 68.178.206.199 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS: 199.206.178.68.host.secureserver.net
Software: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4 /
Resource Hash: e640d40946f4189221013c0f751eaf163330a9b36bb4ffcbb925ed34dca2a995

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Date: Sun, 31 Dec 2023 11:50:38 GMT
Last-Modified: Mon, 10 Apr 2023 15:56:02 GMT
Server: Apache/2.4.58 (cPanel) OpenSSL/1.1.1k mod_bwlimited/1.4 mod_fcgid/2.3.9 mod_cpanel/1.4
ETag: "3815133-a16db-5f8fd696db9f2"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 661211

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=74A50509522E4181A48EE9135A1A460F

0
237 B

235ms
92ms

Image
text/plain

2600:9000:237d:c800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=74A50509522E4181A48EE9135A1A460F
Protocol: H2
Server: 2600:9000:237d:c800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
cache-control: no-cache, must-revalidate
via: 1.1 d2e8c709d1f79bde6ed8f833f02bdd34.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-amz-cf-id: JCKY2mfwldfRf-kt28AvQ-U5a07O2UX68lGQ-4TW5QDaFW6HNfHClw==
x-cache: Miss from cloudfront

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2

200

RX-deb72207-7d81-437f-993a-2b9b7d67f287-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/74A50509522E4181A48EE9135A1A460F
https://sync.1rx.io/usersync/simplifi/74A50509522E4181A48EE9135A1A460F?zcc=1&cb=1704023438659
https://sync.targeting.unrulymedia.com/csync/RX-deb72207-7d81-437f-993a-2b9b7d67f287-003

43 B
378 B

188ms
58ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-deb72207-7d81-437f-993a-2b9b7d67f287-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-deb72207-7d81-437f-993a-2b9b7d67f287-003
pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=74A50509522E4181A48EE9135A1A460F&dongle=yf3

37 B
140 B

159ms
54ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=74A50509522E4181A48EE9135A1A460F&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=74A50509522E4181A48EE9135A1A460F&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=74A50509522E4181A48EE9135A1A460F

43 B
174 B

165ms
133ms

Image
image/gif

2600:1f18:612b:4264:b711:868:5175:f82d
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=74A50509522E4181A48EE9135A1A460F
Protocol: H2
Server: 2600:1f18:612b:4264:b711:868:5175:f82d Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 31 Dec 2023 11:50:38 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=74A50509522E4181A48EE9135A1A460F
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=74A50509522E4181A48EE9135A1A460F

95 B
428 B

69ms
68ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=74A50509522E4181A48EE9135A1A460F

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=74A50509522E4181A48EE9135A1A460F
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=74A50509522E4181A48EE9135A1A460F
https://d.agkn.com/pixel/10751/?che=1704023438567&ip=185.204.1.186&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219763204747001720436
https://um.simpli.fi/aa_px?sk=219763204747001720436
https://um.simpli.fi/empty.gif

43 B
361 B

59ms
59ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=74A50509522E4181A48EE9135A1A460F

0
0

185ms
55ms

Image
text/html

18.245.60.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=74A50509522E4181A48EE9135A1A460F
Protocol: H2
Server: 18.245.60.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-10.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 60ms
59ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 62ms
60ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58726/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=74A50509522E4181A48EE9135A1A460F;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=74A50509522E4181A48EE9135A1A460F;mimetype=img;sr
https://cms.analytics.yahoo.com/cms?partner_id=DATCS
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

0
87 B

125ms
57ms

Image
text/plain

3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Protocol

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.94 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:39 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.94
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
date: Sun, 31 Dec 2023 11:50:39 GMT
cache-control: no-store
content-type: text/html
server: ATS/9.1.10.94
content-length: 344
content-language: en

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=74A50509522E4181A48EE9135A1A460F&j=0

0
324 B

275ms
73ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=74A50509522E4181A48EE9135A1A460F&j=0
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:42 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=74A50509522E4181A48EE9135A1A460F&j=0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 63ms
62ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=74A50509522E4181A48EE9135A1A460F

0
421 B

594ms
133ms

Image
text/plain

52.3.7.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=74A50509522E4181A48EE9135A1A460F
Protocol: HTTP/1.1
Server: 52.3.7.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-7-191.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 31 Dec 2023 11:50:38 GMT

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=74A50509522E4181A48EE9135A1A460F

62 B
445 B

245ms
218ms

Image
image/gif

72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=74A50509522E4181A48EE9135A1A460F
Protocol: H2
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sun, 31 Dec 2023 11:50:38 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2

404

tpid=74A50509522E4181A48EE9135A1A460F
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=74A50509522E4181A48EE9135A1A460F

49 B
265 B

235ms
73ms

Image
image/gif

54.78.109.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=74A50509522E4181A48EE9135A1A460F
Protocol: H2
Server: 54.78.109.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-109-25.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.2.196
content-length: 49
expires: 0

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=74A50509522E4181A48EE9135A1A460F

0
311 B

194ms
60ms

Image
text/plain

216.52.2.6
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=74A50509522E4181A48EE9135A1A460F
Protocol: HTTP/1.1
Server: 216.52.2.6 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Sun, 31 Dec 2023 11:50:38 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap2ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H3

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=74A50509522E4181A48EE9135A1A460F

0
9 B

67ms
67ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=74A50509522E4181A48EE9135A1A460F
Protocol: H3
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H3

200

/
www.google.fi/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704023438276&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=407312318&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=j...
https://www.google.com/pagead/1p-conversion/1026675585/?random=407312318&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIotr3_c...
https://www.google.fi/pagead/1p-conversion/1026675585/?random=407312318&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIotr3_c2...

42 B
64 B

74ms
74ms

Image
image/gif

2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.fi/pagead/1p-conversion/1026675585/?random=407312318&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIotr3_c25gwMVVOg7Ah0ypAa0&is_vtc=1&ocp_id=jlWRZaLbH9TQ78EPssiaoAs&cid=CAQSKQAvHhf_wZfA81mWoDdPPMoiPQDB-E3UUS81Z2-1Dn_JiufBuq5HTjyB&random=1915064195&ipr=y

Protocol

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.fi/pagead/1p-conversion/1026675585/?random=407312318&cv=7&fst=1704023438276&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIotr3_c25gwMVVOg7Ah0ypAa0&is_vtc=1&ocp_id=jlWRZaLbH9TQ78EPssiaoAs&cid=CAQSKQAvHhf_wZfA81mWoDdPPMoiPQDB-E3UUS81Z2-1Dn_JiufBuq5HTjyB&random=1915064195&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 64ms
63ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=74A50509522E4181A48EE9135A1A460F

43 B
880 B

56ms
55ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=74A50509522E4181A48EE9135A1A460F

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
an-x-request-uuid: 06689827-b621-484b-9deb-8db85f609f2a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 185.204.1.186; 185.204.1.186; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=66&code=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=74A50509522E4181A48EE9135A1A460F&expires=365

0
239 B

256ms
61ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=74A50509522E4181A48EE9135A1A460F&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=74A50509522E4181A48EE9135A1A460F&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=74A50509522E4181A48EE9135A1A460F

43 B
97 B

64ms
64ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=74A50509522E4181A48EE9135A1A460F
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=74A50509522E4181A48EE9135A1A460F
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Sat, 30 Dec 2023 11:50:38 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESELYbmxwAYKTLY05mzAUSv9U&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=74A50509522E4181A48EE9135A1A460F
https://um.simpli.fi/g_match?id=

0
320 B

60ms
59ms

Image
text/plain

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sat, 30 Dec 2023 11:50:38 GMT

Redirect headers

pragma: no-cache
date: Sun, 31 Dec 2023 11:50:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/free/ 27 KB
11 KB 63ms
63ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1703682904009
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: e4412b67eb8c67e19774da629f747a1cca29d89af2d93b30ca50dc7e3106437b

Request headers

Referer: https://theresortatsummerlin.com/
Origin: https://theresortatsummerlin.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 31 Dec 2023 11:50:38 GMT
via: 1.1 79272ab9b399ee696b329d4f677dca48.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 339794
x-amz-cf-pop: FRA60-P3
age: 488
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683644
x-77-nzt: EgwBnJIhiAH3Ui8FAAwBJRPCKAH3EwAAAA
x-accel-expires: @1729603625
x-77-age: 339813
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:38 GMT
server: CDN77-Turbo
etag: W/"29cb57a634f3d6ed3e17dfdec2e09c32"
x-77-nzt-ray: f6587a1d82d1df8c8e559165092e342b
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: ka4ll7FxuM4Iy-igtlK4m2xCuND3Z8tTfNDq8HzVOfObv6k2dJ2vvg==

GET
H2 200 body_bl.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 59ms
59ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_bl.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: de583c448ba7298a3d03f7a08756d0f0f7776a2ac59e2e3720b84fb30fd2919b

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 31 Dec 2023 11:50:38 GMT
via: 1.1 b4904c5988fd0eaae341a12cc47f3766.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 339785
x-amz-cf-pop: FRA60-P3
age: 6
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683653
x-77-nzt: EgwBnJIhiAH3SS8FAAwBJRPCMQH3FwAAAA
x-accel-expires: @1729603630
x-77-age: 339808
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:34 GMT
server: CDN77-Turbo
etag: W/"fea90479d6c22e0aa948a8c80f616fa0"
x-77-nzt-ray: f6587a1d96c26f828e5591655de3d62b
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: RkayljFKZsrl9meAYlLtFqBcz1268B06ZMXkNjXONbz5n4-fHKYakA==

GET
H2 200 spin_bl.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 60ms
60ms Image
image/svg+xml 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_bl.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 31 Dec 2023 11:50:38 GMT
via: 1.1 8b889e35789d2b97f2ba8771acc9a008.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 339790
x-amz-cf-pop: FRA60-P3
age: 6
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683648
x-77-nzt: EgwBnJIhiAH3Ti8FAAwBJRPCMQH3EwAAAA
x-accel-expires: @1729603629
x-77-age: 339809
x-cache-lb: HIT
last-modified: Fri, 13 Jan 2023 11:00:14 GMT
server: CDN77-Turbo
etag: W/"f1006e80919a554a181eeffcb6b3e381"
x-77-nzt-ray: f6587a1d96c26f828e5591654767df2b
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: image/svg+xml
x-amz-cf-id: VjmVWoUs8mNLBo3bDmg7pOjFoMFz241_58zSwfHLLyAuNrUIfywYiQ==

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame CD58 26 B
1023 B 59ms
58ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=50021&ca=20851055&ri=fa0065c9dfff0bb6ae2ca56bbff5cd0a&stats=%7B%2213488%22%3A%221214%2C1%22%2C%2217243%22%3A%2272%2C1%22%2C%2242261%22%3A%2296%2C1%22%2C%2250495%22%3A%22449%2C1%22%2C%2252220%22%3A%22259%2C1%22%2C%2253935%22%3A%22278%2C1%22%2C%2254497%22%3A%22429%2C1%22%2C%2254855%22%3A%22163%2C2%22%2C%2254863%22%3A%22602%2C1%22%2C%2255073%22%3A%22221%2C1%22%2C%2256659%22%3A%22479%2C1%22%2C%2256885%22%3A%22451%2C2%22%2C%2257347%22%3A%22458%2C2%22%2C%2257363%22%3A%22408%2C1%22%2C%2258143%22%3A%22179%2C1%22%2C%2258553%22%3A%22762%2C1%22%2C%2258561%22%3A%22430%2C1%22%7D&ra=4690046626130031
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://theresortatsummerlin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Sun, 31 Dec 2023 11:50:38 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

OPTIONS
H2 200 alts.json
cdn77.api.userway.org/api/img-dscr/v2/EgbLUUdEkh/3474907/nttMdHLzd1yFfN8Y/ Frame 0
0 378ms
227ms Preflight 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/EgbLUUdEkh/3474907/nttMdHLzd1yFfN8Y/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fbidagent.xad.com%2Fconv%2F181518%3Fts%3D1704023437344%22%2C%22alt%22%3A%22181518%3Fts%3D1704023437344%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fsp.analytics.yahoo.com%2Fsp.pl%3Fa%3D10000%26d%3DSun%252C%252031%2520Dec%25202023%252011%253A50%253A37%2520GMT%26n%3D-2%26b%3DRampart%2520Casino%2520at%2520the%2520Resort%2520at%2520Summerlin%252C%2520NV%2520%257C%2520Las%2520Vegas%2520Hotels%26.yp%3D10055360%26f%3Dhttps%253A%252F%252Ftheresortatsummerlin.com%252F%26enc%3DUTF-8%26yv%3D1.15.1%26tagmgr%3Dgtm%22%2C%22alt%22%3A%22dot%20image%20pixel%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fthemes%2Frampartcasino%2Fimages%2Ficon-griffin.png%22%2C%22alt%22%3A%22summerlin%20las%20vegas%20hotel%20icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fthemes%2Frampartcasino%2Fimages%2Flogo_rampartparty-2023.png%22%2C%22alt%22%3A%22Progressive%20Party%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fthemes%2Frampartcasino%2Fimages%2Flogo-rarmpartroyals.png%22%2C%22alt%22%3A%22Tiger%20Progressive%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fthemes%2Frampartcasino%2Fimages%2Flogo.png%22%2C%22alt%22%3A%22Rampart%20Casino%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fuploads%2F2022%2F04%2F4653_RampartRewardsApp_Ongoing_May2022_370x250-300x203.jpg%22%2C%22alt%22%3A%22Download%20the%20Rampart%20Rewards%20App%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fuploads%2F2022%2F08%2FUnknown-300x203.jpeg%22%2C%22alt%22%3A%22Top%2010%20Current%20Progressives%20of%20The%20Week%20at%20Rampart%20Casino%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fuploads%2F2023%2F12%2FVegasLowRoller_SealOfApproval_Logo-250.png%22%2C%22alt%22%3A%22dummy%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://theresortatsummerlin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Sun, 31 Dec 2023 11:50:39 GMT
server: CDN77-Turbo
x-77-cache: MISS
x-77-nzt: EggBnJIhiwAACAElE8IuAAA
x-77-nzt-ray: cf878727687e279d8f55916577c3a31b
x-77-pop: frankfurtDE
x-service-version: img-dscr-srv-bad7d880

GET
H2 200 alts.json Show response
cdn77.api.userway.org/api/img-dscr/v2/EgbLUUdEkh/3474907/nttMdHLzd1yFfN8Y/ 2 KB
1 KB 250ms
249ms Fetch
application/json 2a02:6ea0:c700::18
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn77.api.userway.org/api/img-dscr/v2/EgbLUUdEkh/3474907/nttMdHLzd1yFfN8Y/alts.json?dto=%7B%22sorted%22%3A%5B%7B%22src%22%3A%22https%3A%2F%2Fbidagent.xad.com%2Fconv%2F181518%3Fts%3D1704023437344%22%2C%22alt%22%3A%22181518%3Fts%3D1704023437344%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Fsp.analytics.yahoo.com%2Fsp.pl%3Fa%3D10000%26d%3DSun%252C%252031%2520Dec%25202023%252011%253A50%253A37%2520GMT%26n%3D-2%26b%3DRampart%2520Casino%2520at%2520the%2520Resort%2520at%2520Summerlin%252C%2520NV%2520%257C%2520Las%2520Vegas%2520Hotels%26.yp%3D10055360%26f%3Dhttps%253A%252F%252Ftheresortatsummerlin.com%252F%26enc%3DUTF-8%26yv%3D1.15.1%26tagmgr%3Dgtm%22%2C%22alt%22%3A%22dot%20image%20pixel%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fthemes%2Frampartcasino%2Fimages%2Ficon-griffin.png%22%2C%22alt%22%3A%22summerlin%20las%20vegas%20hotel%20icon%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fthemes%2Frampartcasino%2Fimages%2Flogo_rampartparty-2023.png%22%2C%22alt%22%3A%22Progressive%20Party%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fthemes%2Frampartcasino%2Fimages%2Flogo-rarmpartroyals.png%22%2C%22alt%22%3A%22Tiger%20Progressive%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fthemes%2Frampartcasino%2Fimages%2Flogo.png%22%2C%22alt%22%3A%22Rampart%20Casino%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fuploads%2F2022%2F04%2F4653_RampartRewardsApp_Ongoing_May2022_370x250-300x203.jpg%22%2C%22alt%22%3A%22Download%20the%20Rampart%20Rewards%20App%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fuploads%2F2022%2F08%2FUnknown-300x203.jpeg%22%2C%22alt%22%3A%22Top%2010%20Current%20Progressives%20of%20The%20Week%20at%20Rampart%20Casino%22%2C%22dir%22%3A%22RO%22%7D%2C%7B%22src%22%3A%22https%3A%2F%2Ftheresortatsummerlin.com%2Fwp-content%2Fuploads%2F2023%2F12%2FVegasLowRoller_SealOfApproval_Logo-250.png%22%2C%22alt%22%3A%22dummy%22%2C%22dir%22%3A%22RO%22%7D%5D%2C%22tier%22%3A%22FREE_QUOTA_TIER%22%7D
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/remediation/free/remediation-tool-free.js?ts=1703682904009
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 677744df8e57c0fa2ea6b24a1f8e4d728282d09cd6e74a76a9753a732b15291f

Request headers

Referer: https://theresortatsummerlin.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

x-77-pop: frankfurtDE
date: Sun, 31 Dec 2023 11:50:39 GMT
content-encoding: gzip
x-77-cache: MISS
x-service-version: img-dscr-srv-bad7d880
x-77-nzt: EggBnJIhiwFBCAElE8IuAUE
x-cache-lb: MISS
server: CDN77-Turbo
etag: W/"8eb-G5MhkT6gFs9viQ824qTny9MRowY"
x-77-nzt-ray: cf878727687e279d8f5591655b044129
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
access-control-allow-headers: *

GET
H/1.1 200
OK pstats.html Show response
a.rfihub.com/ Frame F05D 26 B
1 KB 58ms
58ms Document
text/html 193.0.160.131
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://a.rfihub.com/pstats.html?rb=50021&ca=20851056&ri=c8a3d07854948006b8eb5f8cbf342ffb&stats=%7B%2213488%22%3A%221936%2C1%22%2C%2217243%22%3A%22111%2C1%22%2C%2242261%22%3A%22150%2C1%22%2C%2250495%22%3A%22501%2C1%22%2C%2252220%22%3A%22276%2C1%22%2C%2253935%22%3A%22333%2C1%22%2C%2254497%22%3A%22483%2C1%22%2C%2254855%22%3A%22218%2C2%22%2C%2254863%22%3A%22657%2C1%22%2C%2255073%22%3A%22276%2C1%22%2C%2256659%22%3A%22534%2C1%22%2C%2256885%22%3A%22463%2C2%22%2C%2257347%22%3A%22513%2C2%22%2C%2257363%22%3A%22516%2C1%22%2C%2258143%22%3A%22276%2C1%22%2C%2258553%22%3A%22817%2C1%22%2C%2258561%22%3A%22505%2C1%22%7D&ra=4639578380445537
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 193.0.160.131 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.4.51.v20230217) /
Resource Hash: f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623

Request headers

Referer: https://theresortatsummerlin.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: fi-FI,fi;q=0.9

Response headers

Content-Length: 26
Content-Type: text/html;charset=iso-8859-1
Date: Sun, 31 Dec 2023 11:50:39 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server: Jetty(9.4.51.v20230217)

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Ftheresortatsummerlin.com%2F/DESKTOP/WIDGET_OFF/ 77 B
454 B 187ms
187ms Fetch
application/json 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Ftheresortatsummerlin.com%2F/DESKTOP/WIDGET_OFF/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://theresortatsummerlin.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

date: Sun, 31 Dec 2023 11:50:43 GMT
etag: W/"4d-LFMdxGwYZe/xj6Qk5mJ4pvoM+ew"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-809f5266

GET
H2 200 scan_1703682904009.js Show response
cdn.userway.org/widgetapp/2023-12-27-13-15-04/scan/ 53 KB
14 KB 66ms
66ms Script
application/javascript 2a02:6ea0:c700::17
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/scan/scan_1703682904009.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::17 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 771b265798b85ee594754f3c9ff0fc845c2e287b6742181a4855d891b3ef1ac4

Request headers

Referer: https://theresortatsummerlin.com/
Origin: https://theresortatsummerlin.com
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

x-77-pop: frankfurtDE
date: Sun, 31 Dec 2023 11:50:43 GMT
via: 1.1 0c792defeeaa18965559ad74895ea56a.cloudfront.net (CloudFront)
content-encoding: gzip
x-age-lb: 339757
x-amz-cf-pop: FRA60-P3
age: 485
x-amz-server-side-encryption: AES256
x-77-cache: HIT
x-accel-date: 1703683686
x-77-nzt: EgwBnJIhiAH3LS8FAAwB1GY4AQH3NQAAAA
x-accel-expires: @1729603633
x-77-age: 339810
x-cache-lb: HIT
last-modified: Wed, 27 Dec 2023 13:17:33 GMT
server: CDN77-Turbo
etag: W/"5f3ef1d42a27c5de1d1c341f70d833e7"
x-77-nzt-ray: f6587a1d82d1df8c935591651d9a3d37
access-control-max-age: 3000
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: max-age=25920000, public
content-type: application/javascript
x-amz-cf-id: ZnRmNABtBQHad9xQ5SwLff9FuBeRfvcaYTanU4o3zzyEFVUxEwj8Bg==

OPTIONS
H2 200 contrib
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Ftheresortatsummerlin.com%2F/DESKTOP/ Frame 0
0 186ms
186ms Preflight 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Ftheresortatsummerlin.com%2F/DESKTOP/contrib
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PUT
Origin: https://theresortatsummerlin.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
access-control-max-age: 3000
cache-control: max-age=604800
date: Sun, 31 Dec 2023 11:50:44 GMT
x-service-version: seo-w-809f5266

PUT
H2 200 contrib Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Ftheresortatsummerlin.com%2F/DESKTOP/ 77 B
454 B 228ms
227ms XHR
application/json 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Ftheresortatsummerlin.com%2F/DESKTOP/contrib
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2023-12-27-13-15-04/widget_app_base_1703682904009.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb22:2fc5:79f7:a161:47b6 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

Referer: https://theresortatsummerlin.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 31 Dec 2023 11:50:44 GMT
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
vary: Accept-Encoding
access-control-allow-headers: *
content-length: 77
x-service-version: seo-w-809f5266

Verdicts & Comments Add Verdict or Comment

163 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

51 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hubspot.com/	1970-01-20 17:20:25	Name: __cf_bm Value: Zi9.4lsTWBpkqXAcfZsXac0Jin_G1x2uqn4o5ubAq0w-1704023435-1-ASR8IQ+BjJ6XTJ8aTXWPZHPApbXD6ZdN2s8Mf0Rl5PK6oQ4nNphrsW2oGX2ZTAVDMD/NrZfZUEui733BaGlnXSw=
.hubspot.com/	1969-12-31 23:59:59	Name: _cfuvid Value: 1RmlZRWlsDePbiMrcZJ8dnmNi8829Be9SLjlceOpHt8-1704023435360-0-604800000
.theresortatsummerlin.com/	1970-01-20 19:29:59	Name: _gcl_au Value: 1.1.455333034.1704023436
.theresortatsummerlin.com/	1970-01-21 02:56:23	Name: _ga Value: GA1.2.1623275920.1704023437
.theresortatsummerlin.com/	1970-01-20 17:21:49	Name: _gid Value: GA1.2.456958285.1704023437
.theresortatsummerlin.com/	1970-01-20 17:20:23	Name: _gat_UA-29231856-1 Value: 1
.adnxs.com/	1970-01-20 19:29:59	Name: uuid2 Value: 4503231902762533645
.simpli.fi/	1970-01-21 02:07:25	Name: suid Value: 74A50509522E4181A48EE9135A1A460F
.theresortatsummerlin.com/	1970-01-21 02:56:23	Name: _ga_V8TD19BBZG Value: GS1.2.1704023437.1.0.1704023437.60.0.0
.yahoo.com/	1970-01-21 02:06:21	Name: A3 Value: d=AQABBI1VkWUCED-0BfXFlkdf1ho2V8r6PGAFEgEBAQGnkmWbZfTCccAB_eMAAA&S=AQAAAt43crQ2NXpRgYjFMkXGd6E
.netmng.com/	1970-01-21 02:49:11	Name: u Value: 6F4D34F3-47D7-4EB5-8B45-51DCFE13E711
.casalemedia.com/	1970-01-20 19:29:59	Name: CMPS Value: 651
.doubleclick.net/	1970-01-21 02:41:59	Name: IDE Value: AHWqTUn4lQqHAYVUBjPeVXRWNCddTBkbzZVqhygakevFCI3N5c3VcK0jZgxvfOeCbgY
.demdex.net/	1970-01-20 21:39:35	Name: demdex Value: 49176878096527042061514522577496434929
.media.net/	1970-01-21 02:05:59	Name: visitor-id Value: 3470250375474631000V10
.media.net/	1970-01-21 02:04:33	Name: data-rk Value: 5141210829010348943~~3
.netmng.com/	1970-01-20 21:43:54	Name: evo5 Value: 0zhqehdwp65fp%7CO%7CV1hoemJVdDZkSEpyTTNObU9GTjRjRlYwYXpSc2VtVktUSFYzVkU1RFFYZFJURGhuTlM5V00xZG1LMngxTDJsS1VIWkZTMFJoZVZkQlNYWm9VVzVzUW10bE4wZFZRVmhpWjBRdldGbDFhelJTUm5oSWFGbFdTWGRSZFhaUFVHMDRVVmxVV0c5SldtZERWREZwTDB4VEwxVjZOM2xuWWtoNmFGbE5jUzlDVDFreFdtNUdNWGxLVnpkbUwzZHJXblZOYUhGcVNISTRZa1YxVjA4ek5FRnFSM2wwVG5WaVJGcDVURms0VmxoUmIydFplbTFSYTJWYVVYTkNkWEp6TWxKblVrMXZUVE01VGpSTlRHOHJaa0ZWVTJsVVFuQkhiRXMwZDNJelUyaGxTVzkxTkhoTE1tRjFlRGRzV0RsWWJ6TkpVM2hYWm5WemRWbHVVMll2ZDJkc053PT06d3Y5Q3lXM0NHSFZkVFUvczlnWDYvZz09
.casalemedia.com/	1970-01-21 02:05:59	Name: CMID Value: ZZFVjZHo0bARK-Dz7nMRegAA
.casalemedia.com/	1970-01-20 19:29:59	Name: CMPRO Value: 651
.rfihub.com/	1970-01-21 02:41:59	Name: rud Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjQ3MTE3NjaxNBDiM9QNyg-rMDdNzS9OzvYFANJBtJQlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0sDA1tTQ3NjQ3MTE3NjaxNBDiM9QNyg-rMDdNzS9OzvYFANJBtJQlAAAA
.rezync.com/	1970-01-20 21:39:35	Name: zync-uuid Value: 5672c2ed-7417-4c06-a0b1-b1c8119cfd17:1704023437.7981136
.dpm.demdex.net/	1970-01-20 21:39:35	Name: dpm Value: 49176878096527042061514522577496434929
.bidagent.xad.com/	1970-01-20 18:03:35	Name: xad-uid Value: M2M1NTI2YWUtOGY2Yy00Yjc2LTljODktMmY3M2M5Nzg1MWY3
.everesttech.net/	1970-01-21 02:05:59	Name: everest_g_v2 Value: g_surferid~ZZFVjQALBt7xJgBH
.eyeota.net/	1970-01-20 17:20:24	Name: SERVERID Value: 18323~DM
.krxd.net/	1970-01-20 21:39:35	Name: _kuid_ Value: QAfSsZ0a
live.rezync.com/	1970-01-20 21:39:35	Name: sd-session-id Value: .eJwVykEOgyAQQNG7zFqaGRgY4TJGYZqQVtqI3dR499rlf_kHTG_d1rlp2yHt20cHyM96VYd0QK_fVR-QwBOO3kdxJMziHEeEc4CuvddXm2r5P0FstlqMMInhjMHMuJBZKI9EMd8LSSJBRuvYyU3ixS7A-QOlMiVe.ZZFVjg.vyd5g79-6knRmaowsz6wfJYgjDQ
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAA_-OSMXR2dA12dfIoTk10cg_KsQyzLK-sKkg38vAo8VzFKBAV5RaWFejo41RiXuGV7uTRxGJuamZulGyUmqJrbmJormuSbGCmm2iQZKibZJhsYWhomZyWYmhuZWhuYGJgZGxibK5nbgkUNjYDAKFr72BrAAAA
.simpli.fi/	1970-01-20 17:30:28	Name: uid_syncd_secure Value: true
.theresortatsummerlin.com/	1970-01-21 02:05:59	Name: wp15283 Value: "UYVBWDDDDDDLZIKBCKY-XMKU-XMYT-CUTC-BIXIHWZCIIMHDVVWABHMM-VWVB-XVUY-HIHB-WMVBHMZBKXWBDmoLkLlhkmHmlNttLkspg_JhtDD"
.agkn.com/	1970-01-21 02:05:59	Name: ab Value: 0001%3A%2BesRjgGJg0HE60H3GZdK3zxeSd%2FG6ZJ5
.tapad.com/	1970-01-20 18:46:47	Name: TapAd_TS Value: 1704023438645
.tapad.com/	1970-01-20 18:46:47	Name: TapAd_DID Value: 79877016-a399-4732-88e2-84c19aca3600
.1rx.io/	1970-01-21 02:05:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-deb72207-7d81-437f-993a-2b9b7d67f287-003%22%7D
.tapad.com/	1970-01-20 18:46:47	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 19:29:59	Name: anj Value: dTM7k!M4.gD>6NRF']wIg2C'$B4_Mn!A#FD.TOKQ9YfZ8=E'gDcw#YRigRP'lw11ika#0o8gRBti8BdU%x-6I2[@W5BVOYCRn!$]$-z/Y:bsr8Dmw*=]l.P?u-R8h3x$Vr<(e9RFMZ9T5_m!wzCE+nfrz
.rlcdn.com/	1970-01-20 18:46:47	Name: pxrc Value: CI6rxawGEgYItuoBEAASBgi66gEQABIGCNvCHhAA
.agkn.com/	1970-01-21 02:05:59	Name: u Value: C\|0AAAAAAAALSQSDgAAAAAA
.pro-market.net/	1970-01-20 21:39:35	Name: anProfile Value: "1eqvjovjqumzw+1+1f=1+1g=1+1j=p+rs=s+rt=2A0CF04000002790000000000000006E+s2=(s6j4we)+vm=24-74A50509522E4181A48EE9135A1A460F"
.pro-market.net/	1970-01-20 18:03:35	Name: anHistory Value: "1eqvjovjqumzw+2+!#7')&*#gL<"
.targeting.unrulymedia.com/	1970-01-21 02:05:59	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-deb72207-7d81-437f-993a-2b9b7d67f287-003%22%7D
.bluekai.com/	1970-01-20 21:43:54	Name: bku Value: blx99/8PAVP6Z/xt
.bluekai.com/	1970-01-20 21:43:54	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEz6xEDyBE98BE/0HExhmeaOBeCaHEAh1pPO1DW6BMOs9y9i79+z
.bfmio.com/	1970-01-21 02:05:59	Name: __141_cid Value: 74A50509522E4181A48EE9135A1A460F
.bfmio.com/	1970-01-21 02:05:59	Name: __io_cid Value: c2c9b518f84167c45d3c05e67ccd0fd9510177a2
.mediarithmics.com/	1970-01-21 02:05:59	Name: mics_vid Value: 64945631648
.mediarithmics.com/	1970-01-21 02:05:59	Name: mics_uaid Value: web:1:86fbd267-5edb-44cc-9c2e-62c87ec55536
.mediarithmics.com/	1970-01-21 02:05:59	Name: mics_lts Value: 1704023439393
.rlcdn.com/	1970-01-21 02:05:59	Name: rlas3 Value: xSduhtNzS3HorgUxJ9+uH1Bqg35GuTvqt14aQgZ8vEc=
.rfihub.com/	1970-01-21 02:41:59	Name: eud Value: H4sIAAAAAAAA_13SP2vCYBAGcFqatlQKhax-hZT3kjd53-tmRE1Ll1pwcNNohdJBqNA_Yz-CY8aMGTNmdHR0dHT0IzjZzdwz_njujuO4mya1W53XTpx8Tkdxr__BA_76-Z3P_CRZPPZvySit_EAHhi1nZzWHrEtwBV6D9-ADeHkunYMLcAmusP5CegvOnbvhsDt4f2k9xwvz_TSLk8I5lVgV2tKRLZuaOdS0Bx_A2aV0AV6BN-AteIf5lfTftXTVkPuvGjJfuiaMjJ_604lnNBlPpyryRmpM3phSS8Tp24TMw2nI_f8nEAVR5tYuFVjOhVkVLmzuwjNAfgScqNhRigIAAA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=74A50509522E4181A48EE9135A1A460F Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=74A50509522E4181A48EE9135A1A460F Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=74A50509522E4181A48EE9135A1A460F Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20851055p.rfihub.com
20851056p.rfihub.com
a.rfihub.com
aa.agkn.com
api.userway.org
bcp.crwdcntrl.net
beacon.krxd.net
bidagent.xad.com
bpi.rtactivate.com
c1.rfihub.net
cdn.jsdelivr.net
cdn.userway.org
cdn77.api.userway.org
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
contextual.media.net
cookie-matching.mediarithmics.com
d.agkn.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
github.hubspot.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
live.rezync.com
loadm.exelator.com
marketing.theresortatsummerlin.com
p.rfihub.com
partners.tremorhub.com
pixel.rubiconproject.com
pixel.tapad.com
ps.eyeota.net
rampartcasino.com
region1.analytics.google.com
rrc.netmng.com
s.ad.smaato.net
s.yimg.com
secure.adnxs.com
simplifi.partners.tremorhub.com
sp.analytics.yahoo.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
theresortatsummerlin.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.fi
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
13.248.245.213
13.32.27.28
142.250.186.66
151.101.130.49
172.217.18.2
172.64.151.101
18.245.60.10
184.30.20.22
185.64.191.210
193.0.160.131
193.0.160.52
2001:4860:4802:34::36
207.189.124.17
212.82.100.181
216.52.2.6
2600:1901:0:8eee::
2600:1f14:5db:eb22:2fc5:79f7:a161:47b6
2600:1f18:612b:4264:b711:868:5175:f82d
2600:9000:20b4:1600:1:76cf:fe80:93a1
2600:9000:237d:c800:1b:5138:8a40:93a1
2606:4700:3036::6815:415e
2606:4700::6810:5614
2606:4700::6813:9b53
2a00:1288:80:807::1
2a00:1450:4001:80b::2004
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:831::200a
2a00:1450:400c:c1d::9d
2a02:6ea0:c700::17
2a02:6ea0:c700::18
3.123.94.79
3.124.210.90
3.71.149.231
34.111.113.62
34.91.62.186
34.98.64.218
35.234.162.151
35.244.174.68
37.252.171.53
44.210.41.244
46.228.174.117
52.3.7.191
52.49.16.44
52.49.2.43
52.57.107.196
54.164.61.213
54.216.96.95
54.36.150.187
54.78.109.25
54.78.254.47
68.178.206.199
69.173.144.138
72.246.169.24
01a3f7860268b6b3b73afda4f0c9aa7c5b1a56b397a31c39138ee7380d8336df
06e5b84544863dd8023c2daf43d7c50f7cbfc43b17a41ef4feeea403af932485
0866546ae9c65964cd912860db934e24d99b401dca5a2a206b8df2cacc60bda5
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0ec98adf593ebcc01bec60b1f494dacd47522abfef9038a714101d83f45e165d
10a410ffc4397a10a60c58a979d3dfc8957258714e1a50f0acb6612eb74b90cd
151030e81930652440fa8a20ead6b6a2ead46f0f5b70dd911e07b28f30b80670
15520e3700378373dd78bc29a2c3ab91642a3caf4bc2c66310f5db193e921fd4
19b370bff7ea217f9b041eda593cb498f7c390f7eba772df1eb006251cdfc663
2188414d64d2930eb54f4731b6eb9a931358ba625d1cd7535a889409218609d2
221f460e25860fe5f822248bd0923f4d0bda02b1282a8000e499b3e6dc56bc21
26687d0d7506d32071235f7b59d6f625ffcea714874f993c1d5f9af84f94ea2e
268fe890a73de1a0eccb474a409549f39c29fd98db6016a75625c480cda5ae60
26a3959164457c1a0af0c8e9e477ea8ce919ee74014a5d7889b8c4c5af80fe78
275bace21e01961de13dd85b2454bf719249ee3b33559f7b468c92e3cf01a93a
28a049341dc40c7faee92f16b85262d6ad9ae78fc7eb7bb29e72705ea36f6830
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
30cd55351e2a901ab282b62b576fe35e23132c5313007cc90ff1bac1bf1cd24d
327a51e89967ef2b03658329373d060b47dfc7b3c3998f489cc4850e114ac8b4
347d7d441882d9b031d7cff98ccff8abf210f5def49e76d8d27e60a97b77b2f5
34cbf3228071638e2f9dfba3c28372bfb3007ac64cafbf2d24fa3b24580027b6
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
397659fce53729d17f56fa5eadd0d3246717b317438a011342a737e7b48db61a
398ecef989d2d3f1ac867d4c2bd553c2aeb337e031c6d425a2283817d2d89ddc
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f3ab657495aa2eb810cc45aa1e9faf179f4fcd1b621dc722fba93fcaaff2d28
40b7dfd5b07f384f467d27d2771868810a40ba03eeb9b1cb85b54e2d067833ae
43cc10f626704c5884ef680fc0b14bcc5274f7cbdde83fc3e590e798644cbe17
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4557b6f11b5a5bb591f8a3cccc7c0883a2ec42230bc96b032d425d41d235adc6
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4957206b5799b2abb90dbe6bcad86e6b166e2975d8c0ae8fa8464525a2410aa5
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b6c611a2ad2a085f84b7ba10b47122b4a9ec6d8c11027c637cc722410293eb9
4bce18de486fea257a1a5c9d5477070cec0ca1dff3438e5784161e8a8756da44
4d7b9d1069028ea92e5e75de84ff2876e828caf5e4b65decd79872b3de273548
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55bdb1700149e5204204c06b154ee3d44990039e1227e75da7193378d160de01
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
5a8f9c0147bd0fa56995e20612b6beb5338e391640d653b998016b0459416c27
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d23752e8b1cba79802c6c4b004a67de70690119570a233746fdc2966b411348
62a88fe954d3dd0835bec2b587835f31de3ca941e6f38e57f545e94a87bf7ae9
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
677744df8e57c0fa2ea6b24a1f8e4d728282d09cd6e74a76a9753a732b15291f
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6d5db554f7ae65713d70fd359a046d051dada869941279557a39d0749beded33
6eb3e5b702e1be05fe2181fdac6c669fdbbe428189cd14dda70343667a6e0360
768d5a5bf23dfd2aea306622043e8f59253e18200941588ca825bedda55712ae
771b265798b85ee594754f3c9ff0fc845c2e287b6742181a4855d891b3ef1ac4
7746056c991475c9236a4436e376508eee33b50db8d63b581bfc8890b3d7dbf1
7d8c8fb83c837d7fcf5e28db90261ec8c08277c214d77be47c8e9de0fe638a9a
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
809ec973a018b6bf8ac18e74bfffc3d25182e6f44df00128d531cf3e07570ee6
856ab77157eae534661bc4cf795e067a5f13820d4e2d9701b6e323f5788e670c
897612bbd73c05d233cb2e1a9128058e27551b77a0e56b24f8d57a9d35de00b8
8d739e9bc6d43b6b3f01e43cab3449079d5cf1f2a88203682afee48a038346e5
9034d5d34015e4b05d2c1d1a8dc9f6ec9d59bd96d305eb9e24e24e65c591a645
90b91e17c86159aaf7840b1a00bfe8633968d7ee6ff706cf57b2bb46e676b099
983db66529c044e179ed23f5f10ac71636a58552b9a0ac29a3f84d0810e6155c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b0d3d5c0f4356eb0d53766a79309c5aee5ea3f1488742bca515b8e77c9a21d8
9d13a4755a9f397e7f33ce9582a4768818a055950026981242a3e9a6faeaa8ed
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a4bddb9535f5e3fe9e500616b2f1e4b10e1a5930a197848966a7c316838570a0
a5bd3bb26338c4a6832794fb44fd11c79290dc16caf9918cafacb7e8d984f180
aca5dec430a7470ff1d8a16f9e7bb3ca30f2ff58f3bd60432cf1dddfa30c9d71
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b18c313efdeda8074f2cbaf880d6e09d6b885092bf718cdfbc78842c34b73f70
b7044ab9a3f46f4890fae92fd21c2399ea637809a9c79c1c358e24588347532f
b7376e6a285e38d254204d0fa6aa29a9280308c4d4bf0e2e92c55e47d1fac920
b75309a1a7f739248c80dfc96d9bc80efaf35221b49e9b3ef4a8475796b93eed
bac346bae3caa68cc9e5d4a91220008d439dbc411dfc8a9cd933f7234c70d044
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c2e606e1fc82ea3a554aad5d0520e25d2677b89a891dc5c49e7ace08fce92e25
c2e7e1df5aa596aa4afbf50374723963b66d3c94348d1410f2256d4aa86ddbaf
c4596b16b126326b0d8fc2fb8bf91389ad3dc4671a269187913c19a8f2ad1094
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cabc70c32b857a552db8f176a4eef2c7a51c9db6cd653484b5d12e42f598060c
cc5d61ff6082dc4742fe334be1e48979e7e6bbd5f694212b6d526106aa2c9668
cd0d0b6e50ff01ff2f3a9a70d7cfb66a7c6cb9acf7a566325568be6d3bd31fc4
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d2a7a173045c7ed2c9474ee0edd3ebc0389454132b0a16e55b3eae6402c46a05
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
da343c70bf28bee6a1a9238dd5147b190b675a523e525e9a52b2bd9aaf48e4e1
db5ffd916dbeb4938cc236cb3a42e73a56987f28c5deb9f3beccbe2c4af19307
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0ac7848729ded76e1fe3bcce337b22697e3440e9feee3c62a67263afc8abf1
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de583c448ba7298a3d03f7a08756d0f0f7776a2ac59e2e3720b84fb30fd2919b
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e0a709b63261993d42234f053ee43b75d43af3d7b0f147eced60c97c3e6c8f95
e2f925db6119917230e885b016055a6a324d33b10585d5c7f106665ec157754e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4412b67eb8c67e19774da629f747a1cca29d89af2d93b30ca50dc7e3106437b
e55842a856a6d829feca3c3ad736c136b6c7549e9247274f78aa296259e06e24
e640d40946f4189221013c0f751eaf163330a9b36bb4ffcbb925ed34dca2a995
eb6398a0114471edabc6249e08a1bee85f0df4c7176b379912020b2cda9ad577
ed079d77ba54a8e4bfc931029de75b1f5128fcae45e274d53aca95f8ab17b438
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2400c8e4bbc7b9ac59a4b27b1b25cea3895b70265f636dc569ec657bee69ec4
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
fe203f7ec2e125e1d7bb1cecbc6fd182e383993398962f173faaf8b94f11d5bf
fef48719eaa745024d0b801254bd0fc8907d2eae226fb77b8550bce864ebd33b
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

theresortatsummerlin.com Open in urlscan Pro 68.178.206.199 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

167 Requests

80 %HTTPS

35 %IPv6

50 Domains

66 Subdomains

50 IPs

7 Countries

3446 kBTransfer

5818 kBSize

51 Cookies

9 Outgoing links

Page URL History

Redirected requests

167 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theresortatsummerlin.com Open in urlscan Pro
68.178.206.199 Public Scan

Screenshot
Live screenshot

Full Image

167
Requests

80 %
HTTPS

35 %
IPv6

50
Domains

66
Subdomains

50
IPs

7
Countries

3446 kB
Transfer

5818 kB
Size

51
Cookies

167 HTTP transactions
1 data transactions