www.jresortreno.com Open in urlscan Pro
50.28.39.171 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://thejresort.com/
Effective URL:
https://www.jresortreno.com/
Submission: On December 01 via api (December 1st 2024, 11:09:32 am UTC) from US — Scanned from DE

Summary HTTP 140 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 42 IPs in 7 countries across 41 domains to perform 140 HTTP transactions. The main IP is 50.28.39.171, located in United States and belongs to LIQUIDWEB, US. The main domain is www.jresortreno.com.
TLS certificate: Issued by R11 on November 25th 2024. Valid for: 3 months.

This is the only time www.jresortreno.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	3.33.251.168 3.33.251.168	16509 (AMAZON-02) (AMAZON-02)
41	50.28.39.171 50.28.39.171	32244 (LIQUIDWEB) (LIQUIDWEB)
1	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2600:9000:275... 2600:9000:275d:5c00:15:ac14:880:93a1	16509 (AMAZON-02) (AMAZON-02)
10	104.18.31.234 104.18.31.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:20e... 2600:9000:20eb:cc00:7:e536:8b00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:ce1f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	142.250.181.227 142.250.181.227	15169 (GOOGLE) (GOOGLE)
2	157.240.251.9 157.240.251.9	32934 (FACEBOOK) (FACEBOOK)
1 3	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1	13.225.83.200 13.225.83.200	16509 (AMAZON-02) (AMAZON-02)
2	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
18	2600:9000:272... 2600:9000:2724:f200:3:6e74:fdc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	157.240.0.35 157.240.0.35	32934 (FACEBOOK) (FACEBOOK)
1 4	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
9	2a02:6ea0:c70... 2a02:6ea0:c700::101	60068 (CDN77 Dat...) (CDN77 Datacamp Limited)
1	142.250.185.131 142.250.185.131	15169 (GOOGLE) (GOOGLE)
2	2600:1f14:5db... 2600:1f14:5db:eb11:df1d:902f:6ac2:6827	16509 (AMAZON-02) (AMAZON-02)
2	18.245.31.29 18.245.31.29	16509 (AMAZON-02) (AMAZON-02)
1	3.20.231.156 3.20.231.156	16509 (AMAZON-02) (AMAZON-02)
17 22	34.13.138.208 34.13.138.208	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:223... 2600:9000:223f:2000:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (Amobee NE...) (Amobee NEXXEN GROUP LTD)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:85ae:a309:b3cb:4fce	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.16.237.161 52.16.237.161	16509 (AMAZON-02) (AMAZON-02)
1 1	18.198.150.105 18.198.150.105	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB...) (YAHOO-DEB Yahoo-UK Limited)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.4.194.40 52.4.194.40	14618 (AMAZON-AES) (AMAZON-AES)
1	2.16.253.63 2.16.253.63	16625 (AKAMAI-AS) (AKAMAI-AS)
1	63.32.148.48 63.32.148.48	16509 (AMAZON-02) (AMAZON-02)
1	34.250.216.176 34.250.216.176	16509 (AMAZON-02) (AMAZON-02)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 2	185.89.210.20 185.89.210.20	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
9	34.192.38.101 34.192.38.101	14618 (AMAZON-AES) (AMAZON-AES)
140	42

1 3.33.251.168 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com

thejresort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 50.28.39.171 (United States)

ASN32244 (LIQUIDWEB, US)
PTR: srv1.moderncraftmedia.com

www.jresortreno.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:275d:5c00:15:ac14:880:93a1 (United States)

ASN16509 (AMAZON-02, US)

sitemanager.web.pegs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 104.18.31.234 (None, )

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:cc00:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)

tag.brandcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:ce1f (United States)

ASN13335 (CLOUDFLARENET, US)

jeinevada.activehosted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.227 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.251.9 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-fra5.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.33.220.150 (Seattle, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2600:9000:2724:f200:3:6e74:fdc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

plugins.traveltripper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 216.58.206.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6ea0:c700::101 (Frankfurt am Main, Germany)

ASN60068 (CDN77 Datacamp Limited, GB)

cdn.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.131 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f14:5db:eb11:df1d:902f:6ac2:6827 (Boardman, United States)

ASN16509 (AMAZON-02, US)

api.userway.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.245.31.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-29.fra56.r.cloudfront.net

ip-geo-lookup.ec.pegs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.20.231.156 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-20-231-156.us-east-2.compute.amazonaws.com

auth.conversion-plus.ec.pegs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.13.138.208 (United States) 17 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 208.138.13.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223f:2000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (Amobee NEXXEN GROUP LTD, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:85ae:a309:b3cb:4fce (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.16.237.161 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-16-237-161.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.150.105 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-150-105.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom) 1 redirects

ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB)

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.194.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-194-40.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.253.63 (Hamburg, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-253-63.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.148.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-148-48.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.250.216.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-216-176.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.20 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.192.38.101 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-192-38-101.compute-1.amazonaws.com

rt3api-prd.ttaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
41	jresortreno.com www.jresortreno.com	13 MB
24	simpli.fi 17 redirects tag.simpli.fi — Cisco Umbrella Rank: 5206 i.simpli.fi — Cisco Umbrella Rank: 4244 um.simpli.fi — Cisco Umbrella Rank: 878	13 KB
18	traveltripper.io plugins.traveltripper.io — Cisco Umbrella Rank: 378420	3 MB
11	userway.org cdn.userway.org — Cisco Umbrella Rank: 3208 api.userway.org — Cisco Umbrella Rank: 3180	67 KB
10	termly.io app.termly.io — Cisco Umbrella Rank: 13897	182 KB
9	ttaws.com rt3api-prd.ttaws.com — Cisco Umbrella Rank: 391306	45 KB
5	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 4108 www.google.com — Cisco Umbrella Rank: 3	1014 B
4	pegs.com sitemanager.web.pegs.com — Cisco Umbrella Rank: 709705 ip-geo-lookup.ec.pegs.com — Cisco Umbrella Rank: 522608 auth.conversion-plus.ec.pegs.com — Cisco Umbrella Rank: 601111	5 KB
3	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 960	383 B
3	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 135 googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 284	990 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 281	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 2185	2 KB
2	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 2194 ups.analytics.yahoo.com — Cisco Umbrella Rank: 548	507 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2363	867 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 550 d.agkn.com — Cisco Umbrella Rank: 758	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 470	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 513	730 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 120	212 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 192	74 KB
2	google.de www.google.de — Cisco Umbrella Rank: 10745	127 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	3 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 525	289 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 419	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 96	23 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 476	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 973	223 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1026	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 2213	27 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1532	421 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6784	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 429	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1246	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 574	237 B
1	gstatic.com www.gstatic.com	218 KB
1	cloudfront.net d1eoo1tco6rr5e.cloudfront.net
1	activehosted.com jeinevada.activehosted.com	7 KB
1	brandcdn.com tag.brandcdn.com — Cisco Umbrella Rank: 18353 adservices.brandcdn.com Failed	2 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	11 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	119 KB
1	thejresort.com 1 redirects thejresort.com	317 B
0	intentiq.com Failed sync.intentiq.com Failed
140	41

	Domain	Requested by
41	www.jresortreno.com	www.jresortreno.com
22	um.simpli.fi	17 redirects
18	plugins.traveltripper.io	sitemanager.web.pegs.com plugins.traveltripper.io
10	app.termly.io	www.jresortreno.com app.termly.io
9	rt3api-prd.ttaws.com	plugins.traveltripper.io
9	cdn.userway.org	www.jresortreno.com cdn.userway.org
4	www.google.com	1 redirects jeinevada.activehosted.com www.gstatic.com
3	insight.adsrvr.org	1 redirects www.jresortreno.com
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	ip-geo-lookup.ec.pegs.com	plugins.traveltripper.io
2	api.userway.org	cdn.userway.org
2	www.facebook.com	www.jresortreno.com
2	connect.facebook.net	www.jresortreno.com connect.facebook.net
2	www.google.de	www.jresortreno.com
2	fonts.googleapis.com	www.jresortreno.com
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	ups.analytics.yahoo.com
1	cms.analytics.yahoo.com	1 redirects
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	auth.conversion-plus.ec.pegs.com	plugins.traveltripper.io
1	www.gstatic.com	www.google.com
1	tag.simpli.fi	tag.brandcdn.com
1	d1eoo1tco6rr5e.cloudfront.net	tag.brandcdn.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	jeinevada.activehosted.com	www.jresortreno.com
1	tag.brandcdn.com	www.jresortreno.com
1	cdnjs.cloudflare.com	www.jresortreno.com plugins.traveltripper.io
1	sitemanager.web.pegs.com	www.jresortreno.com
1	www.googletagmanager.com	www.jresortreno.com
1	thejresort.com	1 redirects
0	sync.intentiq.com Failed
0	adservices.brandcdn.com Failed	tag.brandcdn.com
140	52

This site contains links to these domains. Also see Links.

Domain
jresortreno.reztrip.com
playerportal.jresortreno.com
nccreports.com
www.jresortent.com
www.gdwcasino.com
renosneonlinedistrict.org
jacobsentertainmentinc.com
thelodgecasino.com
thegilpincasino.com
secure4.saashr.com
app.reunitus.com
www.facebook.com
www.instagram.com
www.tiktok.com
www.linkedin.com

Subject Issuer	Validity	Valid
www.jresortreno.com R11	`2024-11-25` - `2025-02-23`	3 months	crt.sh
*.google-analytics.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
sitemanager.web.pegs.com Amazon RSA 2048 M03	`2024-04-25` - `2025-05-24`	a year	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2024-05-28` - `2025-06-28`	a year	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
cdnjs.cloudflare.com WE1	`2024-11-26` - `2025-02-24`	3 months	crt.sh
*.brandcdn.com Amazon RSA 2048 M02	`2024-07-02` - `2025-07-30`	a year	crt.sh
activehosted.com WE1	`2024-11-29` - `2025-02-28`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.google.de WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-09-09` - `2024-12-08`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2024-07-30` - `2025-07-03`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-11-13` - `2025-12-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2024-04-23` - `2025-05-25`	a year	crt.sh
plugins.traveltripper.io Amazon RSA 2048 M03	`2024-06-16` - `2025-07-14`	a year	crt.sh
*.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
1667503734.rsc.cdn77.org E6	`2024-09-25` - `2024-12-24`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
api.userway.org Amazon RSA 2048 M02	`2024-08-02` - `2025-08-31`	a year	crt.sh
ip-geo-lookup.ec.pegs.com Amazon RSA 2048 M02	`2024-08-31` - `2025-09-29`	a year	crt.sh
auth.conversion-plus.ec.pegs.com Amazon RSA 2048 M02	`2024-06-08` - `2025-07-07`	a year	crt.sh
*.ttaws.com Amazon RSA 2048 M03	`2024-08-31` - `2025-09-30`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://www.jresortreno.com/
Frame ID: BC4F7D3316D4CDE23443022218C9E6C8
Requests: 140 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/tf6s91n/84dk31e/iframe
Frame ID: D2B16AC50D8ED8BC378FD38193E985E4
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly93d3cuanJlc29ydHJlbm8uY29tOjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=a4w5ndolkh7w
Frame ID: 8D765037A85C657063914477358EEAD3
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go
Frame ID: 457F87F0FA7CDFC9F21134707E1EB562
Requests: 2 HTTP requests in this frame

Frame: https://cdn.userway.org/styles/2024-11-27-07-45-03/widget_base.css?v=1732693503366
Frame ID: 5074D19A86DD3956A6ED1C9F38010DB8
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Reno’s Hottest New Resort, Casino and Hotel | J Resort

Page URL History Show full URLs

https://thejresort.com/ HTTP 301
https://www.jresortreno.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

UserWay (Accessibility) Expand

Overall confidence: 100%
Detected patterns

cdn\.userway\.org/widget.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

140
Requests

86 %
HTTPS

30 %
IPv6

41
Domains

52
Subdomains

42
IPs

7
Countries

17523 kB
Transfer

22549 kB
Size

28
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://jresortreno.reztrip.com/search?arrival_date=2024-12-08&departure_date=2024-12-09&adults%5B%5D=2&children%5B%5D=0&currency=USD&locale=en
Title: Skip to Booking Engine, opens in new window.

Search URL Search Domain Scan URL

URL: https://jresortreno.reztrip.com/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://playerportal.jresortreno.com/
Title: Player Login

Search URL Search Domain Scan URL

URL: https://nccreports.com/application/?jresort
Title: Casino Credit

Search URL Search Domain Scan URL

URL: http://www.jresortent.com/
Title: Concerts & Festivals

Search URL Search Domain Scan URL

URL: https://www.gdwcasino.com/
Title: <img class="icon-logo" src="https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/logo-gold-dust-west.svg" alt="Gold Dust West">

Search URL Search Domain Scan URL

URL: https://renosneonlinedistrict.org/
Title: <img class="icon-logo" src="https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/rnl-logo.svg" alt="J Resort's Reno Neon Line">

Search URL Search Domain Scan URL

URL: https://jacobsentertainmentinc.com/
Title: <img class="icon-logo" src="https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/logo-jacobs.svg" alt="Jacobs Entertainment">

Search URL Search Domain Scan URL

URL: https://thelodgecasino.com/
Title: <img class="icon-logo" src="https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/logo-lodge-casino.svg" alt="The Lodge Casino">

Search URL Search Domain Scan URL

URL: https://thegilpincasino.com/
Title: <img class="icon-logo" src="https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/logo-gilpin.svg" alt="The Gilpin Casino">

Search URL Search Domain Scan URL

URL: https://secure4.saashr.com/ta/6161986.careers?CareersSearch
Title: Careers

Search URL Search Domain Scan URL

URL: https://app.reunitus.com/lf-pax/jacobs/landing?loc=JRR
Title: Lost & Found

Search URL Search Domain Scan URL

URL: https://www.facebook.com/jresortreno/
Title: <img class="icon-logo" src="https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/icon-facebook.svg" alt="Facebook">

Search URL Search Domain Scan URL

URL: https://www.instagram.com/jresortreno/
Title: <img class="icon-logo" src="https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/icon-instagram.svg" alt="Instagram" width="28" height="28">

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@jresortreno
Title: <img class="icon-logo" src="https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/icon-tiktok.svg" alt="Tik Tok">

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/jresortreno
Title: <img class="icon-logo" src="https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/icon-linkedIn.svg" alt="Linkedin">

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://thejresort.com/ HTTP 301
https://www.jresortreno.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://insight.adsrvr.org/tags/tf6s91n/84dk31e/iframe HTTP 301
https://d1eoo1tco6rr5e.cloudfront.net/tf6s91n/84dk31e/iframe

Request Chain 96

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=974D302D522F4846A94B32C88D79034D

Request Chain 97

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/974D302D522F4846A94B32C88D79034D HTTP 302
https://sync.1rx.io/usersync/simplifi/974D302D522F4846A94B32C88D79034D?zcc=1&cb=1733051366776 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-9511f76e-aa0a-4492-a9a3-f632cea66516-003

Request Chain 98

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=974D302D522F4846A94B32C88D79034D&dongle=yf3

Request Chain 99

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=974D302D522F4846A94B32C88D79034D

Request Chain 100

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=974D302D522F4846A94B32C88D79034D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=974D302D522F4846A94B32C88D79034D

Request Chain 101

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=974D302D522F4846A94B32C88D79034D HTTP 302
https://d.agkn.com/pixel/10751/?che=1733051366827&ip=185.213.155.173&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219843205083001486405 HTTP 302
https://um.simpli.fi/aa_px?sk=219843205083001486405 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 102

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=974D302D522F4846A94B32C88D79034D

Request Chain 105

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=974D302D522F4846A94B32C88D79034D;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=974D302D522F4846A94B32C88D79034D;mimetype=img;sr HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Request Chain 106

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=974D302D522F4846A94B32C88D79034D&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=974D302D522F4846A94B32C88D79034D&j=0&xl8blockcheck=1

Request Chain 108

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=974D302D522F4846A94B32C88D79034D

Request Chain 109

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=974D302D522F4846A94B32C88D79034D

Request Chain 110

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=974D302D522F4846A94B32C88D79034D

Request Chain 111

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=974D302D522F4846A94B32C88D79034D

Request Chain 112

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=974D302D522F4846A94B32C88D79034D

Request Chain 113

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1733051366652&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1280007447&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMItuTduLeGigMVv62DBx03rxbfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5qcmVzb3J0cmVuby5jb20v HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1280007447&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMItuTduLeGigMVv62DBx03rxbfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5qcmVzb3J0cmVuby5jb20v&is_vtc=1&cid=CAQSGwCa7L7divW-7V3WifQd0itSul0cX7xnZXizLw&random=228462047 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1280007447&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMItuTduLeGigMVv62DBx03rxbfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5qcmVzb3J0cmVuby5jb20v&is_vtc=1&cid=CAQSGwCa7L7divW-7V3WifQd0itSul0cX7xnZXizLw&random=228462047&ipr=y

Request Chain 115

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=974D302D522F4846A94B32C88D79034D HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D974D302D522F4846A94B32C88D79034D

Request Chain 116

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=974D302D522F4846A94B32C88D79034D&expires=365

Request Chain 117

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=974D302D522F4846A94B32C88D79034D

140 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.jresortreno.com/
Redirect Chain

https://thejresort.com/
https://www.jresortreno.com/

90 KB
17 KB

1295ms
1024ms

Document
text/html

50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server / PHP/7.4.33

Resource Hash

76437be54ed4aacd84274a4c3c741a1ef3c4d300ea86457d4ae30daf63527c15

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

content-encoding: gzip
content-length: 16813
content-type: text/html; charset=UTF-8
date: Sun, 01 Dec 2024 11:09:23 GMT
link: <https://www.jresortreno.com/wp-json/>; rel="https://api.w.org/" <https://www.jresortreno.com/wp-json/wp/v2/pages/82>; rel="alternate"; type="application/json" <https://www.jresortreno.com/>; rel=shortlink
permissions-policy: geolocation=(self)
referrer-policy: no-referrer-when-downgrade
server: JEI Web Server
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33

Redirect headers

Connection: close
Content-Length: 63
Content-Type: text/html; charset=utf-8
Date: Sun, 01 Dec 2024 11:09:22 GMT
Location: https://www.jresortreno.com/
Server: ip-100-74-4-165.eu-west-2.compute.internal
Vary: Accept-Encoding
X-Request-Id: dc70f2f3-2dcc-4a41-b2e2-95e43384c075

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 352 KB
119 KB 179ms
57ms Script
application/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2DEJ97N63V

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f77bec5bae72102193664f01c1b1be9fe2eece760b40d4b70be5142b871895ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: br
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires: Sun, 01 Dec 2024 11:09:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
access-control-allow-headers: Cache-Control
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 120786
x-xss-protection: 0
server: Google Tag Manager

GET
H2 200 loader.js Show response
sitemanager.web.pegs.com/jresort/ 5 KB
2 KB 642ms
249ms Script
application/javascript 2600:9000:275d:5c00:15:ac14:880:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sitemanager.web.pegs.com/jresort/loader.js
Requested by: Host: www.jresortreno.com
URL: https://www.jresortreno.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:275d:5c00:15:ac14:880:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 45737ca837751d395fa958d29a3c504f600c6d96e78238a81c2fa5eda48ee45a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: gzip
etag: "f5e92760754a436879e78537493e94d0"
via: 1.1 5034084c037ff19008ba7c2c0b849a4c.cloudfront.net (CloudFront)
expires: 60
x-cache: Miss from cloudfront
content-length: 1789
x-amz-cf-id: 4WK3QKymTn2WuliCV4woxBLbaQF_a61kb8ud7N8wdpTuK85MpaE0dw==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/javascript
last-modified: Thu, 18 May 2023 19:26:42 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P11

GET
H3 200 f063e5be-1cbe-4758-bf2d-f61602e66d01 Show response
app.termly.io/resource-blocker/ 507 KB
158 KB 384ms
358ms Script
text/javascript 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/resource-blocker/f063e5be-1cbe-4758-bf2d-f61602e66d01
Requested by: Host: www.jresortreno.com
URL: https://www.jresortreno.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d301bae71a643b79f209295ad0e6359d0db758e33ed8e5e9326f0bdc91ed01

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: max-age=14400, public
content-encoding: br
etag: W/"details::6759c54893df20121223d8593dcdef91||embed::6744f40d-7c852"
cf-ray: 8eb29ff09a01d3b5-FRA
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
server: cloudflare
priority: u=1,i=?0

GET
H2 200 style.min.css
www.jresortreno.com/wp-includes/css/dist/block-library/ 93 KB
17 KB 130ms
127ms Stylesheet
text/css 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
content-encoding: gzip
etag: "27081afa18ad91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
content-length: 17699
date: Sun, 01 Dec 2024 11:09:23 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 22:31:42 GMT
vary: Accept-Encoding
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 style-index.css
www.jresortreno.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/ 70 B
272 B 123ms
121ms Stylesheet
text/css 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-content/plugins/activecampaign-subscription-forms/activecampaign-form-block/build/style-index.css?ver=1699483276

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
content-encoding: gzip
etag: "2da275af9412da1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
content-length: 163
date: Sun, 01 Dec 2024 11:09:23 GMT
content-type: text/css
last-modified: Wed, 08 Nov 2023 22:41:16 GMT
vary: Accept-Encoding
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 classic-themes.min.css
www.jresortreno.com/wp-includes/css/ 217 B
384 B 125ms
122ms Stylesheet
text/css 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-includes/css/classic-themes.min.css?ver=1

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
content-encoding: gzip
etag: "dbd5efaea18ad91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
content-length: 298
date: Sun, 01 Dec 2024 11:09:23 GMT
content-type: text/css
last-modified: Fri, 19 May 2023 22:31:41 GMT
vary: Accept-Encoding
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
725 B 172ms
52ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Merriweather%3Awght%40400%3B700&display=swap&ver=6.1.1

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3756efa4fdef1a5db9612108bfdac10cfa777397e5167b1ab0a3ef38d11f973

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 11:09:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 01 Dec 2024 10:19:37 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 css2
fonts.googleapis.com/ 8 KB
2 KB 166ms
45ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Heebo%3Awght%40400%3B600&display=swap&ver=6.1.1

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9cb05392a6bc8d37ff40ae56d41bb1fd000b520816b51e030cd156b679c4323

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 11:09:24 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Sun, 01 Dec 2024 11:09:24 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 38ms
21ms Stylesheet
text/css 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css?ver=6.1.1

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6599bda5-28f2"
age: 452794
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MxPAzjHPon0gA4o6gYIUgSWVzmXEDxu%2BrJfVKvrkdBQFNb6Gx0gP6DnCjfItc%2BYOIa%2BMFzvSIS7HAJx6t%2BtqqCI3CNDkt%2BbePhTVsCbcBNItSq3arNhUMl5xeb7CJeDqEAZeVx9C"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Fri, 21 Nov 2025 11:09:23 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 11:09:23 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8eb29ff08aa3dbeb-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10482
server: cloudflare

GET
H2 200 app.css
www.jresortreno.com/wp-content/themes/jresorts/dist/js/ 1 MB
425 KB 242ms
241ms Stylesheet
text/css 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

677779dfe4fc37eedc51c1fa63893b89b265b48cc675700a815d90d92cad3108

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
content-encoding: gzip
etag: "fd1525d7fccad91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
date: Sun, 01 Dec 2024 11:09:23 GMT
content-type: text/css
last-modified: Wed, 09 Aug 2023 20:05:27 GMT
vary: Accept-Encoding
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 mcm-styles.css
www.jresortreno.com/wp-content/themes/jresorts/css/ 9 KB
3 KB 126ms
124ms Stylesheet
text/css 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/css/mcm-styles.css?ver=2412010323

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

76b846b097bad8ead846946e41f9e44b5bfc9420184ac1902664a7253227422d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
content-encoding: gzip
etag: "efef53a02ebdb1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
content-length: 3179
date: Sun, 01 Dec 2024 11:09:23 GMT
content-type: text/css
last-modified: Fri, 20 Sep 2024 07:28:02 GMT
vary: Accept-Encoding
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 J%20RESORT.js Show response
tag.brandcdn.com/autoscript/jresort_vfhwvmvfmvvrwgs9/ 1 KB
2 KB 51ms
10ms Script
application/javascript 2600:9000:20eb:cc00:7:e536:8b00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.brandcdn.com/autoscript/jresort_vfhwvmvfmvvrwgs9/J%20RESORT.js
Requested by: Host: www.jresortreno.com
URL: https://www.jresortreno.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:cc00:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96f19de27dedbf66b16366f3e5a38420f757b8aa96a223def1ae817a366d2f74

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

x-amz-replication-status: COMPLETED
x-amz-version-id: usyCz7hUpk7hGF.kicfaWP40e0I5hy_T
etag: "c90119a8f0bc6365135790708e53eb97"
age: 4493
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Hit from cloudfront
content-length: 1293
x-amz-cf-id: chXClPqcrrcLTbsApE8geqBKCBQGxDqumoxMkvDU9pyVHaT8VNdLzg==
date: Sun, 01 Dec 2024 10:09:57 GMT
content-type: application/javascript
last-modified: Thu, 17 Oct 2024 15:34:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
x-amz-server-side-encryption: AES256

GET
H2 200 jresorts-logo.svg
www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/ 9 KB
9 KB 125ms
125ms Image
image/svg+xml 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/library/assets/img/jresorts-logo.svg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

498852d14ab400f1d8151685e8b5dd39e60265a74db923b3fb6c4b54d538c7a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 8986
date: Sun, 01 Dec 2024 11:09:23 GMT
content-type: image/svg+xml
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 embed.php Show response
jeinevada.activehosted.com/f/ 30 KB
7 KB 1492ms
1458ms Script
text/javascript 2606:4700::6811:ce1f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://jeinevada.activehosted.com/f/embed.php?static=0&id=52&674C43E3C7A5B&nostyles=1&preview=0

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:ce1f , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d32cf4660b8933bc2c7fcd86e6cc9d6088966d1cc7b471fa24691006b004af09

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
x-request-id: 2265d0977df9f7aae5444a90008664dc
cache-control: public, max-age=14400
content-encoding: gzip
cf-cache-status: MISS
pragma: no-cache
cf-ray: 8eb29ff0abee37d7-FRA
expires: Sun, 01 Dec 2024 15:09:25 GMT
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: text/javascript;charset=UTF-8
last-modified: Sun, 01 Dec 2024 11:09:25 GMT
vary: Accept-Encoding
server: cloudflare

GET
H2 200 site_tracking.js Show response
www.jresortreno.com/wp-content/plugins/activecampaign-subscription-forms/ 1 KB
887 B 237ms
235ms Script
application/javascript 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-content/plugins/activecampaign-subscription-forms/site_tracking.js?ver=6.1.1

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
content-encoding: gzip
etag: "51657aaf9412da1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
content-length: 807
date: Sun, 01 Dec 2024 11:09:23 GMT
content-type: application/javascript
last-modified: Wed, 08 Nov 2023 22:41:16 GMT
vary: Accept-Encoding
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 app.js Show response
www.jresortreno.com/wp-content/themes/jresorts/dist/js/ 3 MB
956 KB 232ms
232ms Script
application/javascript 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.js?ver=16908110372

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

229d4496b8a7702f8e3e5d9ec3e317d70cc3fbe37cff073e8e7f9e6a443ff120

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
content-encoding: gzip
etag: "a32e16eb5c3d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: application/javascript
last-modified: Mon, 31 Jul 2023 13:43:57 GMT
vary: Accept-Encoding
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 smush-lazy-load.min.js Show response
www.jresortreno.com/wp-content/plugins/wp-smushit/app/assets/js/ 8 KB
4 KB 126ms
122ms Script
application/javascript 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-content/plugins/wp-smushit/app/assets/js/smush-lazy-load.min.js?ver=3.15.1

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
content-encoding: gzip
etag: "94c935fb6421da1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
content-length: 4456
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: application/javascript
last-modified: Mon, 27 Nov 2023 19:07:35 GMT
vary: Accept-Encoding
server: JEI Web Server
x-frame-options: SAMEORIGIN

POST
H2 204 collect
region1.analytics.google.com/g/ 0
0 95ms
18ms Fetch
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2DEJ97N63V&gtm=45je4bk0v9116958777za200&_p=1733051363917&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101925629~102067555~102067808~102077855~102081485&cid=964917866.1733051364&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1733051364&sct=1&seg=0&dl=https%3A%2F%2Fwww.jresortreno.com%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1857
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2DEJ97N63V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.jresortreno.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: text/plain
server: Golfe2

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
557 B 95ms
18ms Ping
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2DEJ97N63V&cid=964917866.1733051364&gtm=45je4bk0v9116958777za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2DEJ97N63V
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to: {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires: Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin: https://www.jresortreno.com
cross-origin-opener-policy-report-only: same-origin; report-to=coop_reporting
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: text/plain
server: Golfe2

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 120ms
74ms Image
image/gif 142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2DEJ97N63V&cid=964917866.1733051364&gtm=45je4bk0v9116958777za200&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=101925629~102067555~102067808~102077855~102081485&tag_exp=101925629~102067555~102067808~102077855~102081485&z=81560866

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 01 Dec 2024 11:09:24 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H3 200 fbevents.js Show response
connect.facebook.net/en_US/ 239 KB
61 KB 26ms
8ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-pERP39Vo' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-pERP39Vo' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4411, tp=9, tpl=0, uplat=0, ullat=-1
pragma: public
x-fb-debug: px61tNbwUc0UxVOpgw4Tjb+5BtF87LSQUZ93Jd33BdhKgTaOZaLJMs7LtaN9p4wQj/q6xtWtjUKOoNjPrz579g==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
content-length: 62107
x-xss-protection: 0
origin-agent-cluster: ?1

GET cv_pixel.js
adservices.brandcdn.com/pixel/ 0
0

GET
H/1.1

200
OK

iframe
d1eoo1tco6rr5e.cloudfront.net/tf6s91n/84dk31e/ Frame D2B1
Redirect Chain

https://insight.adsrvr.org/tags/tf6s91n/84dk31e/iframe
https://d1eoo1tco6rr5e.cloudfront.net/tf6s91n/84dk31e/iframe

0
0

54ms
10ms

Document
text/html

13.225.83.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/tf6s91n/84dk31e/iframe
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/jresort_vfhwvmvfmvvrwgs9/J%20RESORT.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-83-200.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://www.jresortreno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Accept-Ranges: bytes
Age: 55605
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Sat, 30 Nov 2024 19:42:40 GMT
ETag: "eb79fd73d60e9974463dd5847cc1f603"
Last-Modified: Tue, 11 Apr 2023 17:56:11 GMT
Server: AmazonS3
Via: 1.1 52f0756596448c36265861853c0a44a4.cloudfront.net (CloudFront)
X-Amz-Cf-Id: HHTm8zf9XOqLB6q0wZ58MafELqFbzLn4TTN2LnK_LN1LcomRUipxYA==
X-Amz-Cf-Pop: FRA2-C2
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 0
date: Sun, 01 Dec 2024 11:09:24 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/tf6s91n/84dk31e/iframe

GET
H2 200 eefbc323-b8d5-43f2-95b2-dd7653ea919e Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 69ms
20ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/eefbc323-b8d5-43f2-95b2-dd7653ea919e
Requested by: Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/jresort_vfhwvmvfmvvrwgs9/J%20RESORT.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 59f3b89a7f6a8ad2338a6e8ec29bf3d0469e80300ef86e463f0f2b3a5b4f7e46

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

x-request-id: GA0JCLOYAcP7MPuQ4qBB
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
server: openresty

GET
H2 200 /
insight.adsrvr.org/track/conv/ 70 B
148 B 91ms
31ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/conv/?adv=tf6s91n&ct=0:lk03r0b&fmt=3
Requested by: Host: www.jresortreno.com
URL: https://www.jresortreno.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-length: 70
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/gif
server: Kestrel

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
149 B 90ms
29ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=tf6s91n&ct=0:84dk31e&fmt=3
Requested by: Host: www.jresortreno.com
URL: https://www.jresortreno.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-length: 70
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/gif
server: Kestrel

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ 4 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 213db684cdce365531d938c7757d1169dbe630fffa6fa70e17f60d7c2eae8c9f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 Champagne_Girl_118-jackpotss-1.jpg
www.jresortreno.com/wp-content/uploads/2023/09/ 531 KB
531 KB 228ms
222ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/09/Champagne_Girl_118-jackpotss-1.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

287e3b371dd26d330623091628e3feec8c4167bb7f3563c16e07de8ea4c3a10e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "71584257fbe7d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 543426
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Fri, 15 Sep 2023 17:37:47 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 2J5A0813-afterglow-2.jpg
www.jresortreno.com/wp-content/uploads/2023/09/ 642 KB
643 KB 127ms
121ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/09/2J5A0813-afterglow-2.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

7495f0968dd2caf5d5aa157acbb151344b5cdfba4cfc8e03ac57174cf7f16071

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "63a3233fce7d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 657631
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Fri, 15 Sep 2023 17:43:56 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 2J5A0660-steakhouuse.jpg
www.jresortreno.com/wp-content/uploads/2023/09/ 408 KB
409 KB 222ms
217ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/09/2J5A0660-steakhouuse.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

88b751b3f08735661365128058f28edc413eece132e9042290b277060be0369c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "e4bc174dfce7d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 418091
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Fri, 15 Sep 2023 17:44:39 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 10a2f5fccc4aa36095fb.svg
www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/ 3 KB
3 KB 228ms
223ms Image
image/svg+xml 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/10a2f5fccc4aa36095fb.svg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

94b8ec2b5a9f5de874facfb78d276313ad73c83ffc056651aeaa69fc1925f031

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3531
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/svg+xml
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 c1653c26a80c981b1903.svg
www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/ 3 KB
3 KB 229ms
223ms Image
image/svg+xml 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/c1653c26a80c981b1903.svg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

40c5707a5a23aef62fb757b395fd8170aeb5ad9a2eb4ed029149540c7890c0a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 2668
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/svg+xml
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 274c2fe55d04d4468d17.svg
www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/ 9 KB
9 KB 226ms
221ms Image
image/svg+xml 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/274c2fe55d04d4468d17.svg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

8557d0d4a3a77ef439897822a8d28604ed44fccee8fd471a56a5ece3c0a3e32d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 9545
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/svg+xml
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 Premium_2_Queenwpillow-768x512.jpg
www.jresortreno.com/wp-content/uploads/2023/04/ 64 KB
64 KB 217ms
212ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/04/Premium_2_Queenwpillow-768x512.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

ef8ee2dd5a4b293d6bdea85da0f46b24bdc539536d272a87a5cfcf9f508ec818

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "02c73bfd68d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65878
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Wed, 05 Apr 2023 22:27:04 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 Family_005-768x512.jpg
www.jresortreno.com/wp-content/uploads/2023/04/ 81 KB
81 KB 233ms
228ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/04/Family_005-768x512.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

d340a454892f3ce93f09b4b0bfc15c81f43f36ede763389a13be178122a4d652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "05e974e68d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 83008
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Wed, 05 Apr 2023 22:29:00 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 Bath_044-768x512.jpg
www.jresortreno.com/wp-content/uploads/2023/04/ 75 KB
75 KB 246ms
242ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/04/Bath_044-768x512.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

87f5458223f2b95dacce02b50940aa178f34affa482546f3dfb58c8c90047f51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0187cb56368d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 77109
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Thu, 06 Apr 2023 08:42:24 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 EliteSuiteBedroom_CityView-768x512.jpg
www.jresortreno.com/wp-content/uploads/2023/04/ 80 KB
80 KB 247ms
242ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/04/EliteSuiteBedroom_CityView-768x512.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

e08b9308574a8ba4b714e5b2666443bbb969471bf4f66d47a05442681520088d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0c992bf68d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 82140
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Wed, 05 Apr 2023 22:37:14 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 EliteSuiteLivingSpace-768x512.jpg
www.jresortreno.com/wp-content/uploads/2023/04/ 83 KB
83 KB 218ms
214ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/04/EliteSuiteLivingSpace-768x512.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

dfeacc805211607b0d8fdec96c429ad6497457d9fe2f00e8ab8a7c94f6bea2cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "09eafa73568d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 85039
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Thu, 06 Apr 2023 03:12:44 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 EliteSuiteBathroom_Overview-768x512.jpg
www.jresortreno.com/wp-content/uploads/2023/04/ 62 KB
63 KB 219ms
215ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/04/EliteSuiteBathroom_Overview-768x512.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

163c14fb2ecce293f00e8d2145951b256c707b2faca552adebe3d00f8563c22b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "03de51d468d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 63966
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Thu, 06 Apr 2023 22:08:30 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 LowRes_SKY.Bedroom3_Web-768x512.jpg
www.jresortreno.com/wp-content/uploads/2024/04/ 64 KB
64 KB 248ms
244ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2024/04/LowRes_SKY.Bedroom3_Web-768x512.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

efe9a2fb4c99ac53bda2ca8fa2983d758214bf0400019ab83aec819280887e5b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "8255c67678bda1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 65245
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Wed, 10 Apr 2024 16:51:58 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 LowRes_SKY.MainRoom1_Web-768x512.jpg
www.jresortreno.com/wp-content/uploads/2024/04/ 70 KB
70 KB 249ms
245ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2024/04/LowRes_SKY.MainRoom1_Web-768x512.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

c665f7fecfa0839cb9c51044a9d1cf6c042bac71ffce083431071a012823e73d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "b626f76d678bda1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 71966
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Wed, 10 Apr 2024 16:52:10 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 LowRes_SKY.Bathroom3_Web-768x512.jpg
www.jresortreno.com/wp-content/uploads/2024/04/ 42 KB
42 KB 250ms
246ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2024/04/LowRes_SKY.Bathroom3_Web-768x512.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

c39e6c6c7ff5cc23bfabe363ab4fa93c295de050c731700296e2f77f8677a9d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "f3daa362678bda1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 42889
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Wed, 10 Apr 2024 16:51:51 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 e64adbabc49809a964c0.svg
www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/ 5 KB
5 KB 334ms
330ms Image
image/svg+xml 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/e64adbabc49809a964c0.svg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

3d85397a8f126f2ab21db77314ab8dce2c6e2c69e14dbfcfa156bf16e08ac065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 5080
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/svg+xml
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 307dd9db276be7b4a814.svg
www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/ 11 KB
11 KB 336ms
332ms Image
image/svg+xml 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/307dd9db276be7b4a814.svg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

4d380ccb1249390d149a4a56e9d6c964ab8ada916c88ab84f71da5de385aef4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11684
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/svg+xml
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 f703bfe9fc67fd93a0b7.svg
www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/ 21 KB
21 KB 340ms
336ms Image
image/svg+xml 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/f703bfe9fc67fd93a0b7.svg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

2ddbed48aa5e8ea742e94f058de4104bcd8d180f670a63f2b985fee287045055

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21674
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/svg+xml
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 jresortexterior3_web.jpg
www.jresortreno.com/wp-content/uploads/2023/06/ 798 KB
798 KB 341ms
338ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/06/jresortexterior3_web.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

55253d8358140e67f3ef2f249a9d4af5c989a136767ab7e35198bfcb3cdb3d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "a42289dc7da8d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 817020
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Mon, 26 Jun 2023 22:30:50 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 james-rosenquiest-1200x816-1.jpg
www.jresortreno.com/wp-content/uploads/2023/08/ 177 KB
177 KB 345ms
341ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/08/james-rosenquiest-1200x816-1.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

c641e00ad8796d33949cf3dc5006ed871c859cc94c038c801aed507d5448de20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "48b9c81282c9d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 181524
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Mon, 07 Aug 2023 22:54:08 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 seafoodprocess-scaled.jpg
www.jresortreno.com/wp-content/uploads/2023/10/ 473 KB
474 KB 345ms
342ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/10/seafoodprocess-scaled.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

0edadf920302d4919133e8431c1e8e7bac32f2e3017d74a124922976b8f36c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "c84a107526cda1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 484720
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Tue, 31 Oct 2023 18:17:07 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 Afterglow_Group_552_web.jpg
www.jresortreno.com/wp-content/uploads/2023/08/ 3 MB
3 MB 346ms
343ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/08/Afterglow_Group_552_web.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

4840122cf17386ac8d0f90658199a32090fd7ed81ba2b61a1b58ac35a39640b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "57fc5f21f3cad91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3534050
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Wed, 09 Aug 2023 18:55:56 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 dana-albany-1200x816-1.jpg
www.jresortreno.com/wp-content/uploads/2023/08/ 284 KB
285 KB 347ms
344ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/08/dana-albany-1200x816-1.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

dd0793c73bea3c2ee1b60aabbf155117d000d84056bc8be47dc51605c0da78c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "2878e68987c9d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 291102
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Mon, 07 Aug 2023 23:33:15 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 bruschetta-scaled.jpg
www.jresortreno.com/wp-content/uploads/2023/10/ 503 KB
503 KB 349ms
346ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/10/bruschetta-scaled.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

55df65669428d0b066ae1bfc966f0cc7b01f4ad922703d8b346b538f3121cd88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "cca9888e26cda1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 514877
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Tue, 31 Oct 2023 18:17:50 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 Craps_909_web.jpg
www.jresortreno.com/wp-content/uploads/2023/08/ 4 MB
4 MB 473ms
470ms Image
image/jpeg 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/08/Craps_909_web.jpg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

eb0fe61bfdad1e9d777769289b20a7f9258bc13ee02727a810c580aac088ab00

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "1a7b8346eacad91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 3928472
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/jpeg
last-modified: Wed, 09 Aug 2023 17:52:33 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 524 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ccc47cb490248d443c26d27741b7fdcefcd18f1c328d339d4b0a6bd45eae590c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 523 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff706719bc74499e616ecb1cd8ed507b7237c2b96aaf49dae49322e823d69a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 a1564b6037280e1cbc0f.svg
www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/ 77 KB
77 KB 337ms
335ms Image
image/svg+xml 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/a1564b6037280e1cbc0f.svg

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

fecd846483814004893afa46d4431ecbf8a16eb3242196c9881fdf24ea14e065

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 78649
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/svg+xml
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 e37cf59954e32a3f5401.otf
www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/ 125 KB
125 KB 320ms
320ms Font
font/otf 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/e37cf59954e32a3f5401.otf

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

d3c79bd7ec9e3b465f0b821cf931be66542bff3694f7c70e0aeae0f6d7036756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128020
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: font/otf
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 bcd733e6f8ebeb6a5e75.otf
www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/ 126 KB
126 KB 333ms
333ms Font
font/otf 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/images/bcd733e6f8ebeb6a5e75.otf

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://www.jresortreno.com/wp-content/themes/jresorts/dist/js/app.css?ver=16916115272

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "0cb8b25d889d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 128768
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: font/otf
last-modified: Thu, 18 May 2023 22:29:02 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
DATA 200
OK truncated
/ 2 KB
2 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 cp.min.js Show response
plugins.traveltripper.io/v4.0.1/ 2 MB
2 MB 89ms
15ms Script
application/javascript 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Requested by: Host: sitemanager.web.pegs.com
URL: https://sitemanager.web.pegs.com/jresort/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7398e6e9526eece851b08f3a3830d4c802e213f917e2c0973d53aa5a170d56cb

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

etag: "2652dfb7f671281fb7a19789b8031bf6"
age: 75108
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 1990787
x-amz-cf-id: BWIlGAOH74G-IVGvcLTxwwTrUBVGlLdiAWSWPSHJeXRkCVnkANExRg==
date: Sat, 30 Nov 2024 14:17:37 GMT
content-type: application/javascript
last-modified: Tue, 09 Aug 2022 20:43:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12

GET
H3 200 589891156459292 Show response
connect.facebook.net/signals/config/ 68 KB
13 KB 146ms
146ms Script
application/x-javascript 157.240.251.9
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/589891156459292?v=2.9.176&r=stable&domain=www.jresortreno.com&hme=872f04a0547459b3285cb03b0d7a47bfde40628f4b386809918a621e2688602f&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C195%2C194%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.251.9 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-01-fra5.fbcdn.net

Software

Resource Hash

86411ce1f7b5114524a1193a7d9a2f7e94a2640fab45ce09a9b71a188f0869b1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src 'nonce-pzuywe0C' .fbcdn.net .facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: gzip
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'nonce-pzuywe0C' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control: public, max-age=1200
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=71, mss=1232, tbw=70893, tp=68, tpl=0, uplat=138, ullat=0
pragma: public
x-fb-debug: M1NZZYV+DUdb2CzxaBFPkFBXIDSxswI4MazdoaJmTvSy/KuT9weoqiNR6MlS6MCVK1sLGZ3aHWE+wmipU6idvg==
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy: force-load-at-top
cross-origin-opener-policy-report-only: restrict-properties;report-to="coop_report"
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 25ms
10ms Image
text/plain 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=589891156459292&ev=PageView&dl=https%3A%2F%2Fwww.jresortreno.com%2F&rl=&if=false&ts=1733051364762&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733051364761.423180358196488406&ler=empty&cdl=API_unavailable&it=1733051364585&coo=false&rqm=GET

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4461, tp=10, tpl=0, uplat=0, ullat=0
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: text/plain
server: proxygen-bolt
priority: u=3,i

GET
H3 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
196 B 204ms
189ms Image
image/png 157.240.0.35
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=589891156459292&ev=PageView&dl=https%3A%2F%2Fwww.jresortreno.com%2F&rl=&if=false&ts=1733051364762&sw=1600&sh=1200&v=2.9.176&r=stable&ec=0&o=12318&fbp=fb.1.1733051364761.423180358196488406&ler=empty&cdl=API_unavailable&it=1733051364585&coo=false&rqm=FGET

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

edge-star-mini-shv-02-fra3.facebook.com

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com .facebook.com .fbcdn.net;script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com https://paywithmybank.com/ https://.paywithmybank.com/;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net https://paywithmybank.com/ https://.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: zstd
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7443398932230845080"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options: nosniff
expires: Sat, 01 Jan 2000 00:00:00 GMT
alt-svc: h3=":443"; ma=86400
date: Sun, 01 Dec 2024 11:09:24 GMT
content-type: image/png
vary: Accept-Encoding
x-fb-debug: h5AemlPgrBaJfdGCowk5/edQn728Xk/o9gOp91KTWRLdNTBtthktRLoFXaR25Y31eHjYxXcdmB15ZdQM2UNy8g==
priority: u=3,i
x-frame-options: DENY
strict-transport-security: max-age=15552000; preload
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7443398932230845080", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com *.facebook.com *.fbcdn.net;script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'wasm-unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control: private, no-store, no-cache, must-revalidate
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4829, tp=13, tpl=0, uplat=180, ullat=0
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
pragma: no-cache
cross-origin-resource-policy: cross-origin
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy: force-load-at-top
x-xss-protection: 0
origin-agent-cluster: ?1

GET
H3 200 api.js Show response
www.google.com/recaptcha/ 1 KB
990 B 256ms
47ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptcha_callback&render=explicit

Requested by

Host: jeinevada.activehosted.com
URL: https://jeinevada.activehosted.com/f/embed.php?static=0&id=52&674C43E3C7A5B&nostyles=1&preview=0

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

ESF /

Resource Hash

f6d2a0d610ca24a20a48233f2959dbaf4188e1440ca25ba52071377e894cdcf0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: private, max-age=300
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 11:09:25 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date: Sun, 01 Dec 2024 11:09:25 GMT
x-xss-protection: 0
content-type: text/javascript; charset=utf-8
server: ESF
x-frame-options: SAMEORIGIN

GET
H2 200 widget.js Show response
cdn.userway.org/ 2 KB
2 KB 206ms
8ms Script
application/javascript 2a02:6ea0:c700::101
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widget.js
Requested by: Host: www.jresortreno.com
URL: https://www.jresortreno.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 2bddf99238a9c38e50c0e788928250de2f4fc54947ae5a4b08639d4c8eba198f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"0195d849e5d3faf21fbcd2fe97863b71"
age: 300
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: _2Q0XHGjgwewEo5ca9Z-lGcXdpThlhdPWSQJKXKp3sQAFaK3YPO1YA==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 07:48:51 GMT
x-77-nzt-ray: 0d1fa518fb608464e5434c67e6b45924
vary: Accept-Encoding
x-77-nzt: EgwBJRPCTwH30QIAAAwBw7WvAgG3KAAAAA
cache-control: max-age=3600, public
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 721
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

POST
H3 201 statistics Show response
app.termly.io/api/v1/snippets/websites/f063e5be-1cbe-4758-bf2d-f61602e66d01/ 3 B
592 B 204ms
204ms XHR
application/json 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/f063e5be-1cbe-4758-bf2d-f61602e66d01/statistics

Requested by

Host: app.termly.io
URL: https://app.termly.io/resource-blocker/f063e5be-1cbe-4758-bf2d-f61602e66d01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.jresortreno.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Content-Type: application/json

Response headers

access-control-max-age: 600
x-request-id: fa2f4bee-4868-4e07-9eed-f468b7b6aef5
access-control-expose-headers
cf-cache-status: DYNAMIC
etag: W/"43974ed74066b207c30ffd0fed514676"
access-control-allow-methods: POST
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json; charset=utf-8
vary: Origin
x-runtime: 0.011737
priority: u=1,i
strict-transport-security: max-age=15768000; includeSubDomains; preload
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cache-control: max-age=0, private, must-revalidate
x-rack-cors: hit
cf-ray: 8eb29ffb5edc3a9e-FRA
access-control-allow-origin: *
content-length: 3
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 cookies Show response
app.termly.io/api/v1/snippets/websites/f063e5be-1cbe-4758-bf2d-f61602e66d01/ 38 KB
7 KB 571ms
571ms XHR
application/json 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/f063e5be-1cbe-4758-bf2d-f61602e66d01/cookies?lang=en

Requested by

Host: app.termly.io
URL: https://app.termly.io/resource-blocker/f063e5be-1cbe-4758-bf2d-f61602e66d01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9bf4a052d1f4f7fc6d876d301f1d9d8833e513637818d88a1ffa4d983a85d862

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 600
x-request-id: 6c400e2a-a87f-4bfc-9818-84bf5e4e2d3b
access-control-expose-headers
content-encoding: gzip
cf-cache-status: REVALIDATED
etag: W/"9bf4a052d1f4f7fc6d876d301f1d9d88"
access-control-allow-methods: GET
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 15:09:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json; charset=utf-8
vary: Origin, Accept-Encoding
x-runtime: 0.035713
priority: u=1,i
strict-transport-security: max-age=15768000; includeSubDomains; preload
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
cache-control: public, max-age=14400
x-rack-cors: hit
cf-ray: 8eb29ff9ecd43a9e-FRA
access-control-allow-origin: *
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 922.min.js Show response
app.termly.io/resource-blocker/support/ 481 B
628 B 34ms
32ms Script
application/javascript 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/support/922.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/resource-blocker/f063e5be-1cbe-4758-bf2d-f61602e66d01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

01681015815e521e794d23f5d59fbd77f14c0cc7f103459c66629e5082cac75a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: W/"6744f40d-1e1"
age: 373
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 15:09:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 25 Nov 2024 22:02:53 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15768000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: no-referrer
cf-ray: 8eb29ffa1cf6d3b5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 en.json Show response
app.termly.io/resource-blocker/i18n/ 12 KB
3 KB 202ms
201ms XHR
application/json 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/resource-blocker/i18n/en.json
Requested by: Host: app.termly.io
URL: https://app.termly.io/resource-blocker/f063e5be-1cbe-4758-bf2d-f61602e66d01
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 323bdc4b394aaf7983339dafaddb7c1a0e331ad4f2a94fe3a9f91e7f6912b96e

Request headers

Referer: https://www.jresortreno.com/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/plain, */*
Csrf-Token: b15b8de3-8b94-40c6-9a97-33c3f7995f1f

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6744f40d-3098"
access-control-allow-methods: GET,OPTIONS
expires: Sun, 01 Dec 2024 15:09:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json; charset=utf-8
last-modified: Mon, 25 Nov 2024 22:02:53 GMT
vary: Accept-Encoding
priority: u=1,i
access-control-allow-headers: *
cache-control: public, max-age=14400
cf-ray: 8eb29ffb7f063a9e-FRA
access-control-allow-origin: *
server: cloudflare

GET
H3 200 717.min.js Show response
app.termly.io/resource-blocker/support/ 16 KB
7 KB 25ms
25ms Script
application/javascript 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/support/717.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/resource-blocker/f063e5be-1cbe-4758-bf2d-f61602e66d01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd7b9189671a30cf30a66791c887b4d2af5afa113190d223d0049f822f4e399b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6744f40d-3ee0"
age: 5885
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 15:09:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 25 Nov 2024 22:02:53 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15768000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: no-referrer
cf-ray: 8eb29ffb0f4cd3b5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 476.min.js Show response
app.termly.io/resource-blocker/support/ 7 KB
3 KB 25ms
25ms Script
application/javascript 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/support/476.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/resource-blocker/f063e5be-1cbe-4758-bf2d-f61602e66d01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

668d8d5ed461b617002c02ce837c25500fadba04c4ac7ad8d51e940ab12de531

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6744f40d-1aa5"
age: 4438
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 15:09:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 25 Nov 2024 22:02:53 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15768000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: no-referrer
cf-ray: 8eb29ffb0f4fd3b5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

OPTIONS
H3 200 statistics
app.termly.io/api/v1/snippets/websites/f063e5be-1cbe-4758-bf2d-f61602e66d01/ Frame 0
0 236ms
235ms Preflight 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/api/v1/snippets/websites/f063e5be-1cbe-4758-bf2d-f61602e66d01/statistics

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.jresortreno.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
access-control-expose-headers
access-control-max-age: 600
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8eb29ff9ecd03a9e-FRA
content-length: 0
content-security-policy: default-src 'unsafe-eval' 'unsafe-inline' https:; img-src 'self' data: https:; font-src data: https:; style-src 'self' blob: 'unsafe-inline' https:; connect-src 'unsafe-eval' 'unsafe-inline' https: wss://sockets.dixa.io wss://api.appcues.net wss://*.firebaseio.com; frame-src 'self' https:
date: Sun, 01 Dec 2024 11:09:25 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

OPTIONS
H3 204 en.json
app.termly.io/resource-blocker/i18n/ Frame 0
0 216ms
215ms Preflight 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.termly.io/resource-blocker/i18n/en.json
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: csrf-token
Access-Control-Request-Method: GET
Origin: https://www.jresortreno.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers: *
access-control-allow-methods: GET,OPTIONS
access-control-allow-origin: *
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8eb29ffa1d073a9e-FRA
date: Sun, 01 Dec 2024 11:09:25 GMT
priority: u=1,i
server: cloudflare
server-timing: cfExtPri

GET
H2 200 Best.png
www.jresortreno.com/wp-content/uploads/2024/08/ 42 KB
42 KB 122ms
122ms Image
image/png 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2024/08/Best.png

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

cb7d89ec543e1abfe415c32a8b7e34f5c5042f53e51c28b48c78c5218efdd9c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "a94cbcb51ce9da1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 43383
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: image/png
last-modified: Wed, 07 Aug 2024 22:54:07 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 diner.png
www.jresortreno.com/wp-content/uploads/2024/08/ 17 KB
17 KB 123ms
122ms Image
image/png 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.jresortreno.com/wp-content/uploads/2024/08/diner.png

Requested by

Host: www.jresortreno.com
URL: https://www.jresortreno.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

1e939dd4e41c4eab2ef3ab1e1014785c5d97649edc99cd6c16f5a5bbdff0732f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "5c70ab31ce9da1:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 16989
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: image/png
last-modified: Wed, 07 Aug 2024 22:54:03 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2 200 widget_app_base_1732693503366.js Show response
cdn.userway.org/widgetapp/2024-11-27-07-45-03/ 130 KB
41 KB 23ms
7ms Script
application/javascript 2a02:6ea0:c700::101
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 9d12f6dea4753a8d25537214864460bb650cf9d8bec240f67b95da6d1563f392

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"30fb9e88721ef36ad84077dcc7464c33"
age: 299
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: fIyBtynu-yZpRpebn11DzxeWsJbeJ75Pvd0c2i1acuB__LXvnBed1A==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 07:48:37 GMT
vary: Accept-Encoding
x-77-nzt-ray: 0d1fa518fc53ff6ce5434c67591d0426
x-77-nzt: EgwBJRPCTwH3O3MFAAwBJRPCMQG3KQAAAA
cache-control: max-age=25920000, public
via: 1.1 efb4ddf9650598b987ef5db782c5b530.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 357179
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H3 200 18.min.js Show response
app.termly.io/resource-blocker/support/ 7 KB
2 KB 30ms
29ms Script
application/javascript 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/resource-blocker/support/18.min.js

Requested by

Host: app.termly.io
URL: https://app.termly.io/resource-blocker/f063e5be-1cbe-4758-bf2d-f61602e66d01

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2310e624b9596807db7f43f3ecbef3105116c2064693c5e2237215b4ca4a5b39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-encoding: gzip
cf-cache-status: HIT
etag: W/"6744f40d-1c75"
age: 2682
x-content-type-options: nosniff
expires: Sun, 01 Dec 2024 15:09:25 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 25 Nov 2024 22:02:53 GMT
vary: Accept-Encoding
priority: u=3,i=?0
strict-transport-security: max-age=15768000; includeSubDomains; preload
cache-control: public, max-age=14400
referrer-policy: no-referrer
cf-ray: 8eb29ffb3fc7d3b5-FRA
x-xss-protection: 1; mode=block
server: cloudflare

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/ 549 KB
218 KB 86ms
36ms Script
text/javascript 142.250.185.131
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptcha_callback&render=explicit

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.131 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f3.1e100.net

Software

sffe /

Resource Hash

6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://www.jresortreno.com/

Response headers

content-encoding: gzip
age: 77372
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options: nosniff
expires: Sun, 30 Nov 2025 13:39:53 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 30 Nov 2024 13:39:53 GMT
last-modified: Mon, 11 Nov 2024 05:00:22 GMT
content-type: text/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges: bytes
access-control-allow-origin: *
content-length: 222835
x-xss-protection: 0
server: sffe

POST
H2 200 krgue240RW Show response
api.userway.org/api/tunings/ 1 KB
2 KB 537ms
176ms XHR
application/json 2600:1f14:5db:eb11:df1d:902f:6ac2:6827
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/tunings/krgue240RW
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:df1d:902f:6ac2:6827 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 2973b7b8d207e4f88dfeab7ffd5067afd73ed876643e1b619e4f10f50c7d1f22

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
x-service-request-id: usr51077a0cdb6d407
etag: W/"591-cXER1Oayu9+eu9HHUP/0Iqg57ZU"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 1425
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: application/json; charset=utf-8
x-service-version: uw-pr
access-control-allow-headers: *

GET de-de.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/locale/ 0
0

GET
H2 200 conversion-plus-base-theme.min.css
plugins.traveltripper.io/v4.0.1/css/ 41 KB
42 KB 17ms
17ms Stylesheet
text/css 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b87e46673619690c5e68cabaa0c79e184b767052a3c4ad934e5c9c8c35945cd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

etag: "45229137350a8fdf0e7192d6d0acbdb0"
age: 2665
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 42348
x-amz-cf-id: RRwkFm5Txw30GlkvaBy_0l3iyBx4cXFjLD1Mn_n_p8pfdqAqiNm0ow==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: text/css
last-modified: Tue, 09 Aug 2022 20:43:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12

GET
H2 200 / Show response
ip-geo-lookup.ec.pegs.com/ 1 KB
1 KB 792ms
359ms XHR
application/json 18.245.31.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ip-geo-lookup.ec.pegs.com/
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-29.fra56.r.cloudfront.net
Software: /
Resource Hash: baa23592a5c5949121a1d78df235dab59b077f77ca7229fe9ad0e6b03ad630a9

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.jresortreno.com/

Response headers

x-amz-apigw-id: CG-MEFVaiYcEpuA=
x-amzn-trace-id: Root=1-674c43e6-5e1147764a09ca5d2e26122c;Parent=11c324d5b6b677a6;Sampled=0;Lineage=1:258e6b01:0
access-control-allow-methods: *
x-amzn-requestid: 83385959-7369-4e9e-835a-6c84e34e6776
via: 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 1088
x-amz-cf-id: oTUIFobpRnEPSnGkQtlPFLM7YzIjgisR515v5yUz2t1Tmvhm8KbpGA==
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: application/json
x-amz-cf-pop: FRA56-P8

GET
H2 200 en.json Show response
plugins.traveltripper.io/v4.0.1/locales/cross-out-rate/ 533 B
905 B 55ms
32ms XHR
application/json 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v4.0.1/locales/cross-out-rate/en.json
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 47d039e4d8043bf5bde43f9a5f9bfeeb64144441f0ba80b2d0e729c93c0395be

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

etag: "4fcfa3f6bc13a0952c85803eb01fb65d"
age: 2665
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 533
x-amz-cf-id: 5MUrHmaRUlm2w5pQPbiVacv1cuSo9SLmpPWi-dtXBcI6suUuMQrXPg==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json
last-modified: Tue, 09 Aug 2022 20:43:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 en.json Show response
plugins.traveltripper.io/v4.0.1/locales/booking-widget/ 3 KB
3 KB 53ms
30ms XHR
application/json 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v4.0.1/locales/booking-widget/en.json
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e24843d5201f699c6738be8517a9ef2dbc0a24a854cc8781802c1c038e3cdc60

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

etag: "8b703e42df93e662a4753d1e350567a2"
age: 2665
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 2809
x-amz-cf-id: YZcEVI6EHUZwj6hSfnt1_2EHKsMnWwSv83tGWNkvCT1hCnVrZJPpUQ==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json
last-modified: Tue, 09 Aug 2022 20:43:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 en.json Show response
plugins.traveltripper.io/v4.0.1/locales/conversion-plus/ 1 KB
2 KB 50ms
27ms XHR
application/json 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v4.0.1/locales/conversion-plus/en.json
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ce4437e1aaacb62aa4499cdc379f27b0b7cc44f8a0bc3a45ef6ce48ce8a36b0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

etag: "d086638791b8abbc30d104cd19228ef8"
age: 2665
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 1331
x-amz-cf-id: Oz6X8QPncR3KExM4HdA3ryCJJxdh9o0mDHUpwfRPy3NhBo_mMg6bag==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json
last-modified: Tue, 09 Aug 2022 20:43:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 en.json Show response
plugins.traveltripper.io/v4.0.1/locales/brg-banner/ 454 B
827 B 52ms
29ms XHR
application/json 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v4.0.1/locales/brg-banner/en.json
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2914a075c28ac56a59a672912ef4c3e338b4474270cd1329a037098c4296b050

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

etag: "46cb582caba292fb2ce84de20f235e36"
age: 2665
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 454
x-amz-cf-id: qPq0azpvIX43rQClzKFfw1R8at9GvSSpo3NF77g2-G6zw4fdvQLNUw==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json
last-modified: Tue, 09 Aug 2022 20:43:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 en.json Show response
plugins.traveltripper.io/v4.0.1/locales/offer-calendar/ 1 KB
2 KB 49ms
26ms XHR
application/json 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v4.0.1/locales/offer-calendar/en.json
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e2dad9be7c0982b97544ae04177fa4ea1e8cd277cd76ba0120e94d9de989760a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

etag: "dd2e8faec92c9a1e1c3f28cf27acf052"
age: 2665
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 1452
x-amz-cf-id: buKoUuzVVWRGYQMeAVTkrTgfwy05KYSkkv4I_WTuu9iuuEHKEF7z-Q==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json
last-modified: Tue, 09 Aug 2022 20:43:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 en.json Show response
plugins.traveltripper.io/v4.0.1/locales/offer/ 924 B
1 KB 50ms
28ms XHR
application/json 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v4.0.1/locales/offer/en.json
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 77a06bf6284fec0b775cf14676604d95666f60f69bd50dd45242eb7450411433

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

etag: "4e54036edcab237d059213976aa8969d"
age: 2665
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 924
x-amz-cf-id: c1cb7AEFxqigRvwwWSqfF9SJ9hM92jhehTa1e_mFc8MQmyzlwJwnaQ==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json
last-modified: Tue, 09 Aug 2022 20:43:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 en.json Show response
plugins.traveltripper.io/v4.0.1/locales/room/ 980 B
1 KB 55ms
33ms XHR
application/json 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v4.0.1/locales/room/en.json
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 903d663af0f592b04baedfd909e66629b5c9e05004308353fe8839b36f10cbef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

etag: "6318c1337426526de724c65ca9f9c329"
age: 2665
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 980
x-amz-cf-id: xPMprnr32i3-TunuR1vWRC2zrPBsWZV-8yybf5q3f1xSr4Hk63_xeQ==
date: Sun, 01 Dec 2024 11:09:25 GMT
content-type: application/json
last-modified: Tue, 09 Aug 2022 20:43:40 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 reztrip Show response
auth.conversion-plus.ec.pegs.com/ 53 B
321 B 979ms
257ms XHR
application/json 3.20.231.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://auth.conversion-plus.ec.pegs.com/reztrip
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 3.20.231.156 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-20-231-156.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 0069a4778609dd9575c307921131a0e0e2cbcf451024f379ded568f511d8f8df

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

x-amz-apigw-id: CG-MGEcOCYcEJig=
x-amzn-trace-id: Root=1-674c43e6-0d2c481e15583bd75733ebb8;Parent=7182a6b6efd0d258;Sampled=0;Lineage=1:6bfbce33:0
access-control-allow-methods: *
x-amzn-requestid: 1f2b9295-3109-49b1-b6ff-f8e0e74cbeb3
access-control-allow-origin: *
content-length: 53
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: application/json

GET
H3 200 anchor
www.google.com/recaptcha/api2/ Frame 8D76 0
0 139ms
67ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go&co=aHR0cHM6Ly93d3cuanJlc29ydHJlbm8uY29tOjQ0Mw..&hl=de&v=pPK749sccDmVW_9DSeTMVvh2&size=normal&cb=a4w5ndolkh7w

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--JaRLuKacoEh19-FdpOPJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jresortreno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--JaRLuKacoEh19-FdpOPJA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 01 Dec 2024 11:09:25 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 en-US.json Show response
cdn.userway.org/widgetapp/2024-11-27-07-45-03/locales/ 607 B
944 B 8ms
8ms XHR
application/json 2a02:6ea0:c700::101
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/locales/en-US.json
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"971644f50e2020e1ff22e37edcad46f6"
age: 298
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: eDJUntpzJ-Ggz3XO7KBo9ZIIVFeiIFblqCDNcNXrlfhiFOaWIsd09A==
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: application/json
last-modified: Wed, 27 Nov 2024 07:48:35 GMT
x-77-nzt-ray: 0d1fa518fc53ff6ce6434c678e6bce0c
vary: Accept-Encoding
x-77-nzt: EgwBJRPCTwH3N3MFAAwBisclxAG3LAAAAA
cache-control: max-age=25920000, public
via: 1.1 5421a870e3aababe98272cc4ea364cea.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 357175
x-amz-cf-pop: FRA56-P10
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 p Show response
i.simpli.fi/ 798 B
760 B 27ms
18ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=416304&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/eefbc323-b8d5-43f2-95b2-dd7653ea919e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 3494b135b88a2df096c0b6f56bfee07fa8bd14a0c06909a24ee24a973e83021c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-encoding: gzip
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
server: openresty

GET
H2 200 cookieconsent.min.css
plugins.traveltripper.io/v2/css/ 4 KB
4 KB 10ms
10ms Stylesheet
text/css 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/v2/css/cookieconsent.min.css
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: max-age=604800
etag: "ac9205ab7ec136ebf36183a9d1744315"
age: 306793
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 4064
x-amz-cf-id: ymzPegJwUp_pjcTEL9dLkYQdNXjA5dcxZdIoVTXKQ5CD-b5UO-76Pg==
date: Wed, 27 Nov 2024 21:56:14 GMT
content-type: text/css
last-modified: Tue, 03 Aug 2021 13:40:43 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12

GET
H2 200 / Show response
ip-geo-lookup.ec.pegs.com/ 1 KB
1 KB 389ms
389ms XHR
application/json 18.245.31.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ip-geo-lookup.ec.pegs.com/
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.245.31.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-31-29.fra56.r.cloudfront.net
Software: /
Resource Hash: 2b929249952644e76b1bbd37a2510cce17385123162880911c3d0112d8b41bca

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type: application/x-www-form-urlencoded
Referer: https://www.jresortreno.com/

Response headers

x-amz-apigw-id: CG-MIE0siYcEs3A=
x-amzn-trace-id: Root=1-674c43e6-6c4be4e110f928a65fa3efa2;Parent=12b1deb8df4236ec;Sampled=0;Lineage=1:258e6b01:0
access-control-allow-methods: *
x-amzn-requestid: e14043e8-1420-435a-8768-63e94840c893
via: 1.1 b5baf61905dac15e74c27872e28ce3ae.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Miss from cloudfront
content-length: 1088
x-amz-cf-id: ie_bq5tJNtdoM3jTeXZXKD4aa0M9gbAllJvYu-BmKMex40CQ_IVP5g==
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: application/json
x-amz-cf-pop: FRA56-P8

GET
H2 200 favicon.png
www.jresortreno.com/wp-content/uploads/2023/05/ 552 B
660 B 122ms
122ms Other
image/png 50.28.39.171
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL

https://www.jresortreno.com/wp-content/uploads/2023/05/favicon.png

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.28.39.171 , United States, ASN32244 (LIQUIDWEB, US),

Reverse DNS

srv1.moderncraftmedia.com

Software

JEI Web Server /

Resource Hash

f946524acc560dd90b948b0aecec2d0775f9d8c0f2105fecaf0618d68da4a134

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
cache-control: max-age=604800
etag: "05a47b7ad82d91:0"
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
permissions-policy: geolocation=(self)
accept-ranges: bytes
access-control-allow-origin: *
content-length: 552
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/png
last-modified: Tue, 09 May 2023 19:37:40 GMT
server: JEI Web Server
x-frame-options: SAMEORIGIN

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=974D302D522F4846A94B32C88D79034D

0
237 B

59ms
22ms

Image
text/plain

2600:9000:223f:2000:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=974D302D522F4846A94B32C88D79034D
Protocol: H2
Server: 2600:9000:223f:2000:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

via: 1.1 5e28951e5f2b6d7d562636473d26d7a6.cloudfront.net (CloudFront)
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
x-amz-cf-id: JpIhYGF6Yhkp5OJcKrQ2mbLd193PRy0eo6pEp7uDBi5K7RRwnmkjCQ==
date: Sun, 01 Dec 2024 11:09:26 GMT
x-amz-cf-pop: FRA56-P5
server: CloudFront

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=974D302D522F4846A94B32C88D79034D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

RX-9511f76e-aa0a-4492-a9a3-f632cea66516-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/974D302D522F4846A94B32C88D79034D
https://sync.1rx.io/usersync/simplifi/974D302D522F4846A94B32C88D79034D?zcc=1&cb=1733051366776
https://sync.targeting.unrulymedia.com/csync/RX-9511f76e-aa0a-4492-a9a3-f632cea66516-003

43 B
378 B

41ms
13ms

Image
image/gif

46.228.174.117
Amobee NEXXEN GRO...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-9511f76e-aa0a-4492-a9a3-f632cea66516-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (Amobee NEXXEN GROUP LTD, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date: Sun, 01 Dec 2024 11:09:26 GMT
content-length: 43

Redirect headers

expires: 0
cache-control: no-store, no-cache, must-revalidate
location: https://sync.targeting.unrulymedia.com/csync/RX-9511f76e-aa0a-4492-a9a3-f632cea66516-003
date: Sun, 01 Dec 2024 11:09:26 GMT
pragma: no-cache
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=974D302D522F4846A94B32C88D79034D&dongle=yf3

37 B
140 B

33ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=974D302D522F4846A94B32C88D79034D&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: no-cache, no-store, must-revalidate
content-length: 37
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://eb2.3lift.com/xuid?mid=7969&xuid=974D302D522F4846A94B32C88D79034D&dongle=yf3
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=974D302D522F4846A94B32C88D79034D

43 B
175 B

320ms
102ms

Image
image/gif

2600:1f18:612b:4216:85ae:a309:b3cb:4fce
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=974D302D522F4846A94B32C88D79034D
Protocol: H2
Server: 2600:1f18:612b:4216:85ae:a309:b3cb:4fce Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sun, 01 Dec 2024 11:09:27 GMT
content-type: image/gif
server: nginx

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://simplifi.partners.tremorhub.com/sync?UISF=974D302D522F4846A94B32C88D79034D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=974D302D522F4846A94B32C88D79034D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=974D302D522F4846A94B32C88D79034D

95 B
427 B

25ms
25ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=974D302D522F4846A94B32C88D79034D

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 95
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/png
server: Jetty(11.0.13)

Redirect headers

strict-transport-security: max-age=31536000
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=974D302D522F4846A94B32C88D79034D
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
via: 1.1 google
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 0
date: Sun, 01 Dec 2024 11:09:26 GMT
server: Jetty(11.0.13)

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=974D302D522F4846A94B32C88D79034D
https://d.agkn.com/pixel/10751/?che=1733051366827&ip=185.213.155.173&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219843205083001486405
https://um.simpli.fi/aa_px?sk=219843205083001486405
https://um.simpli.fi/empty.gif

43 B
361 B

18ms
18ms

Image
image/gif

34.13.138.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.13.138.208 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

208.138.13.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
x-content-type-options: nosniff
access-control-allow-origin: *
content-length: 43
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
location: /empty.gif
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=974D302D522F4846A94B32C88D79034D

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 18ms
17ms Image
image/gif 34.13.138.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.13.138.208 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

208.138.13.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 19ms
18ms Image
image/gif 34.13.138.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.13.138.208 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

208.138.13.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

cms
ups.analytics.yahoo.com/ups/58726/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=974D302D522F4846A94B32C88D79034D;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=974D302D522F4846A94B32C88D79034D;mimetype=img;sr
https://cms.analytics.yahoo.com/cms?partner_id=DATCS
https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

0
108 B

82ms
70ms

Image
text/html

2a00:1288:80:807::1
YAHOO-DEB Yahoo-U...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS

Protocol

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB Yahoo-UK Limited, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
date: Sun, 01 Dec 2024 11:09:26 GMT
age: 0
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade

Redirect headers

strict-transport-security: max-age=31536000
cache-control: no-store
location: https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
content-length: 257
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
content-language: en
server: ATS

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=974D302D522F4846A94B32C88D79034D&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=974D302D522F4846A94B32C88D79034D&j=0&xl8blockcheck=1

0
767 B

30ms
30ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=974D302D522F4846A94B32C88D79034D&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: no-cache
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Sun, 01 Dec 2024 11:09:26 GMT
x-powered-by: Undertow/1
server: nginx
access-control-allow-credentials: true

Redirect headers

cache-control: no-cache
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=974D302D522F4846A94B32C88D79034D&j=0&xl8blockcheck=1
access-control-allow-credentials: true
content-length: 0
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/gif
x-powered-by: Undertow/1
server: nginx

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 22ms
21ms Image
image/gif 34.13.138.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.13.138.208 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

208.138.13.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 43
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/gif
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=974D302D522F4846A94B32C88D79034D

0
421 B

458ms
111ms

Image
text/plain

52.4.194.40
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=974D302D522F4846A94B32C88D79034D
Protocol: HTTP/1.1
Server: 52.4.194.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-4-194-40.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

Date: Sun, 01 Dec 2024 11:09:26 GMT
Connection: keep-alive

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://sync.bfmio.com/sync?pid=141&uid=974D302D522F4846A94B32C88D79034D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H/1.1

500
Internal Server Error

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=974D302D522F4846A94B32C88D79034D

27 B
27 B

63ms
15ms

Image
text/html

2.16.253.63
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=974D302D522F4846A94B32C88D79034D
Protocol: HTTP/1.1
Server: 2.16.253.63 Hamburg, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-253-63.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Connection: keep-alive
Expires: Sun, 01 Dec 2024 11:09:26 GMT
Content-Length: 27
Date: Sun, 01 Dec 2024 11:09:26 GMT
AK-GRN: 0.f1221102.1733051366.177b6a2b
Content-Type: text/html

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://stags.bluekai.com/site/29931?id=974D302D522F4846A94B32C88D79034D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

404

tpid=974D302D522F4846A94B32C88D79034D
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=974D302D522F4846A94B32C88D79034D

49 B
266 B

98ms
30ms

Image
image/gif

63.32.148.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=974D302D522F4846A94B32C88D79034D
Protocol: H2
Server: 63.32.148.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-148-48.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: no-cache
pragma: no-cache
expires: 0
access-control-allow-origin: *
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length: 49
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/gif
x-server: 10.45.31.244
server: Jetty(9.4.38.v20210224)

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=974D302D522F4846A94B32C88D79034D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=974D302D522F4846A94B32C88D79034D

0
223 B

104ms
27ms

Image
text/plain

34.250.216.176
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=974D302D522F4846A94B32C88D79034D
Protocol: H2
Server: 34.250.216.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-250-216-176.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 01 Dec 2024 11:09:26 GMT
pragma: no-cache
vary: Accept-Encoding
x-merge: GDPR Optout true

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://ce.lijit.com/merge?pid=2&3pid=974D302D522F4846A94B32C88D79034D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=974D302D522F4846A94B32C88D79034D

0
98 B

53ms
22ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=974D302D522F4846A94B32C88D79034D
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Sun, 01 Dec 2024 11:09:26 GMT

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://idsync.rlcdn.com/419566.gif?partner_uid=974D302D522F4846A94B32C88D79034D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1733051366652&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1280007447&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1280007447&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHD...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1280007447&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDs...

42 B
64 B

49ms
49ms

Image
image/gif

142.250.181.227
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1280007447&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMItuTduLeGigMVv62DBx03rxbfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5qcmVzb3J0cmVuby5jb20v&is_vtc=1&cid=CAQSGwCa7L7divW-7V3WifQd0itSul0cX7xnZXizLw&random=228462047&ipr=y

Protocol

Server

142.250.181.227 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 01 Dec 2024 11:09:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1280007447&cv=7&fst=1733051366652&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbECCLHDsQIIisWxAgjCybECCOvGsQII08WxAgilxrEC&pscrd=IhMItuTduLeGigMVv62DBx03rxbfMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhxodHRwczovL3d3dy5qcmVzb3J0cmVuby5jb20v&is_vtc=1&cid=CAQSGwCa7L7divW-7V3WifQd0itSul0cX7xnZXizLw&random=228462047&ipr=y
pragma: no-cache
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length: 42
date: Sun, 01 Dec 2024 11:09:26 GMT
x-xss-protection: 0
content-type: image/gif
server: cafe

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 27ms
26ms Image
text/plain 34.13.138.208
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.13.138.208 , United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

208.138.13.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-methods: GET, POST, OPTIONS
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-origin: *
date: Sun, 01 Dec 2024 11:09:26 GMT
x-content-type-options: nosniff

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=974D302D522F4846A94B32C88D79034D
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D974D302D522F4846A94B32C88D79034D

43 B
1 KB

15ms
15ms

Image
image/gif

185.89.210.20
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D974D302D522F4846A94B32C88D79034D

Protocol

Server

185.89.210.20 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: no-store, no-cache, private
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials: true
x-proxy-origin: 185.213.155.173; 185.213.155.173; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin: *
an-x-request-uuid: 68075cc6-01b5-4564-8853-331f07fb3585
content-length: 43
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 01 Dec 2024 11:09:26 GMT
x-xss-protection: 0
content-type: image/gif
server: nginx/1.23.4

Redirect headers

cache-control: no-store, no-cache, private
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D974D302D522F4846A94B32C88D79034D
pragma: no-cache
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin: 185.213.155.173; 185.213.155.173; 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
expires: Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid: 2eddb123-8077-4357-b9d8-2913c29c47a1
content-length: 0
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date: Sun, 01 Dec 2024 11:09:26 GMT
x-xss-protection: 0
content-type: text/html; charset=utf-8
server: nginx/1.23.4

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=974D302D522F4846A94B32C88D79034D&expires=365

0
239 B

56ms
8ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=974D302D522F4846A94B32C88D79034D&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Pragma: no-cache
Content-Type: image/gif

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=974D302D522F4846A94B32C88D79034D&expires=365
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=974D302D522F4846A94B32C88D79034D

43 B
289 B

58ms
19ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=974D302D522F4846A94B32C88D79034D
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: private, max-age=0, no-cache
pragma: no-cache
x-forwarded-for: 185.213.155.173
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/gif
vary: Accept
server: OXGW/0.0.0

Redirect headers

strict-transport-security: max-age=63072000; includeSubdomains; preload
cache-control: no-cache
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=974D302D522F4846A94B32C88D79034D
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
expires: Sat, 30 Nov 2024 11:09:26 GMT
access-control-allow-origin: *
content-length: 142
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/html
server: openresty
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 144ms
50ms Image
image/png 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: no-cache, must-revalidate
pragma: no-cache
cross-origin-resource-policy: cross-origin
expires: Fri, 01 Jan 1990 00:00:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
date: Sun, 01 Dec 2024 11:09:26 GMT
x-xss-protection: 0
content-type: image/png
server: HTTP server (unknown)

GET
H3 200 bframe
www.google.com/recaptcha/api2/ Frame 457F 0
0 49ms
49ms Document
text/html 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=pPK749sccDmVW_9DSeTMVvh2&k=6LcwIw8TAAAAACP1ysM08EhCgzd6q5JAOUR1a0Go

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/pPK749sccDmVW_9DSeTMVvh2/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f4.1e100.net

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-_YyYZrMGU1PQ5byVZFgsZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.jresortreno.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-_YyYZrMGU1PQ5byVZFgsZA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy-report-only: same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy: cross-origin
date: Sun, 01 Dec 2024 11:09:26 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server: ESF
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 remediation-tool-free.js Show response
cdn.userway.org/remediation/2024-11-27-07-45-03/free/ 32 KB
13 KB 9ms
7ms Script
application/javascript 2a02:6ea0:c700::101
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/remediation/2024-11-27-07-45-03/free/remediation-tool-free.js?ts=1732693503366
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: ccf29bf1122c13da436d4262a69298603224f21f7085a70605a5abad7481fbc6

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"5deb9c2444f05f1810d5a32d3059f8ec"
age: 299
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: mlRtWAiX5F02YyTnuDdhe2poeMCsO9MHPed-ZfJXpCWaqq7U4Qe1pw==
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: application/javascript
last-modified: Wed, 27 Nov 2024 07:48:48 GMT
vary: Accept-Encoding
x-77-nzt-ray: 0d1fa518fc53ff6ce6434c67e909dc2a
x-77-nzt: EgwBJRPCTwH3OnMFAAwBw7WvAgG3KQAAAA
cache-control: max-age=25920000, public
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 357178
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-27-07-45-03/ 30 KB
5 KB 9ms
8ms Stylesheet
text/css 2a02:6ea0:c700::101
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-27-07-45-03/widget_base.css?v=1732693503366
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"35af998bd342763044abead4df839374"
age: 299
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: mMbTq1rLQ-6D84YJEKo9RzalNnTXtswhe2EFvJj0Ay4nz1XJhtqt8A==
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 07:47:53 GMT
vary: Accept-Encoding
x-77-nzt-ray: 0d1fa518fb608464e6434c67c274dd2a
x-77-nzt: EgwBJRPCTwH3OnMFAAwBJRPCNAG3KQAAAA
cache-control: max-age=864000, public
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 357178
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-27-07-45-03/ Frame 5074 30 KB
0 10ms
10ms Stylesheet
text/css 2a02:6ea0:c700::101
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-27-07-45-03/widget_base.css?v=1732693503366
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"35af998bd342763044abead4df839374"
age: 299
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: mMbTq1rLQ-6D84YJEKo9RzalNnTXtswhe2EFvJj0Ay4nz1XJhtqt8A==
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 07:47:53 GMT
vary: Accept-Encoding
x-77-nzt-ray: 0d1fa518fb608464e6434c67c274dd2a
x-77-nzt: EgwBJRPCTwH3OnMFAAwBJRPCNAG3KQAAAA
cache-control: max-age=864000, public
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 357178
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 widget_base.css
cdn.userway.org/styles/2024-11-27-07-45-03/ Frame 457F 30 KB
0 11ms
11ms Stylesheet
text/css 2a02:6ea0:c700::101
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.userway.org/styles/2024-11-27-07-45-03/widget_base.css?v=1732693503366
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"35af998bd342763044abead4df839374"
age: 299
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: mMbTq1rLQ-6D84YJEKo9RzalNnTXtswhe2EFvJj0Ay4nz1XJhtqt8A==
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: text/css
last-modified: Wed, 27 Nov 2024 07:47:53 GMT
vary: Accept-Encoding
x-77-nzt-ray: 0d1fa518fb608464e6434c67c274dd2a
x-77-nzt: EgwBJRPCTwH3OnMFAAwBJRPCNAG3KQAAAA
cache-control: max-age=864000, public
via: 1.1 68b2682a924ac399aa2724b5b439e75c.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 357178
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 body_wh.svg
cdn.userway.org/widgetapp/images/ 4 KB
3 KB 9ms
8ms Image
image/svg+xml 2a02:6ea0:c700::101
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/body_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: 21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"1d8b1582fe82bd329041cc1982ad42e4"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: oC_CWQf3-A_ucmVDByd4_bxHNZURuk38_qatRuH7Dw6YBWiFEJoMAQ==
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/svg+xml
x-77-nzt-ray: 0d1fa518fb608464e6434c672247002c
vary: Accept-Encoding
last-modified: Wed, 27 Nov 2024 07:48:38 GMT
x-77-nzt: EgwBJRPCTwH3O3MFAAwBJRPCNAG3KAAAAA
cache-control: max-age=25920000, public
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 357179
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 spin_wh.svg
cdn.userway.org/widgetapp/images/ 2 KB
1 KB 9ms
8ms Image
image/svg+xml 2a02:6ea0:c700::101
CDN77 Datacamp Li...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.userway.org/widgetapp/images/spin_wh.svg
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c700::101 Frankfurt am Main, Germany, ASN60068 (CDN77 Datacamp Limited, GB),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash: c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
content-encoding: gzip
etag: W/"8e0a35946bf39d10f46a1f1653366a0a"
x-77-cache: HIT
access-control-allow-methods: GET, HEAD, PUT, POST, DELETE
x-amz-cf-id: z81ufvCUkm5T5wGLYTnZSA0s1k13rkDZ_3o8d6iIz93_fMkLASfuQg==
date: Sun, 01 Dec 2024 11:09:26 GMT
content-type: image/svg+xml
x-77-nzt-ray: 0d1fa518fb608464e6434c67bb10042c
vary: Accept-Encoding
last-modified: Wed, 27 Nov 2024 07:48:38 GMT
x-77-nzt: EgwBJRPCTwH3PHMFAAwB1GY4EQG3KAAAAA
cache-control: max-age=25920000, public
via: 1.1 319f376925908156190f5fc160137b42.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-77-pop: frankfurtDE
x-77-age: 357180
x-amz-cf-pop: FRA60-P3
server: CDN77-Turbo
x-amz-server-side-encryption: AES256

GET
H2 200 portalDetails.json Show response
rt3api-prd.ttaws.com/portals/ 2 KB
1 KB 472ms
242ms XHR
application/json 34.192.38.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rt3api-prd.ttaws.com/portals/portalDetails.json?hotel_id=SRCREN&portal_id=jresortreno&locale=en&currency=USD&device_type=

Requested by

Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.38.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-38-101.compute-1.amazonaws.com

Software

web /

Resource Hash

c993b8867eefbb9e00739b297af51a56038d8d452e08873d726873a18aacd6f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-with,origin,accept,client-security-token
strict-transport-security: max-age=0
access-control-max-age: 1000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
date: Sun, 01 Dec 2024 11:09:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
server: web
x-frame-options: DENY

GET
H2 200 details.json Show response
rt3api-prd.ttaws.com/hotels/ 17 KB
3 KB 439ms
209ms XHR
application/json 34.192.38.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rt3api-prd.ttaws.com/hotels/details.json?hotel_id=SRCREN&portal_id=jresortreno&locale=en&currency=USD&device_type=

Requested by

Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.38.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-38-101.compute-1.amazonaws.com

Software

web /

Resource Hash

c86ac555f336d99b4428ea8a2044ccd49bd50dfe3fe7fef691673efe1507b1e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-with,origin,accept,client-security-token
strict-transport-security: max-age=0
access-control-max-age: 1000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
content-length: 2058
date: Sun, 01 Dec 2024 11:09:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
server: web
x-frame-options: DENY

GET
H2 200 special_rates.json Show response
rt3api-prd.ttaws.com/hotels/ 11 KB
2 KB 506ms
276ms XHR
application/json 34.192.38.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rt3api-prd.ttaws.com/hotels/special_rates.json?hotel_id=SRCREN&portal_id=jresortreno&locale=en&currency=USD&device_type=

Requested by

Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.38.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-38-101.compute-1.amazonaws.com

Software

web /

Resource Hash

834aa5fe44a0808039f4427ae327d731f3a5215c51cb6590bcc6957db8f2e0e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-with,origin,accept,client-security-token
strict-transport-security: max-age=0
access-control-max-age: 1000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
date: Sun, 01 Dec 2024 11:09:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
server: web
x-frame-options: DENY

GET
H2 200 rooms.json Show response
rt3api-prd.ttaws.com/hotels/ 253 KB
11 KB 428ms
199ms XHR
application/json 34.192.38.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rt3api-prd.ttaws.com/hotels/rooms.json?hotel_id=SRCREN&portal_id=jresortreno&locale=en&currency=USD&device_type=&rooms=1

Requested by

Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.38.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-38-101.compute-1.amazonaws.com

Software

web /

Resource Hash

a17ce5480cd3285a82ee533c224605a46f9b5a0b8addcb5a7752e3a1c95c7f53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-with,origin,accept,client-security-token
strict-transport-security: max-age=0
access-control-max-age: 1000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
content-length: 10378
date: Sun, 01 Dec 2024 11:09:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
server: web
x-frame-options: DENY

GET
H2 200 recentBookings Show response
rt3api-prd.ttaws.com/ext/ 18 KB
2 KB 341ms
112ms XHR
application/json 34.192.38.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rt3api-prd.ttaws.com/ext/recentBookings?propertyCode=SRCREN&timeCutOffMinutes=2880

Requested by

Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.38.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-38-101.compute-1.amazonaws.com

Software

web /

Resource Hash

a6d2156e41a4969fe9ba592dc640c2b2f0447cb083b2194a1c12639e335e8dee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-with,origin,accept,client-security-token
strict-transport-security: max-age=0
access-control-max-age: 1000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
content-length: 1475
date: Sun, 01 Dec 2024 11:09:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
server: web
content-language: de-DE
x-frame-options: DENY

GET
H2 200 tt-logo-grey-highres.png
plugins.traveltripper.io/images/ 22 KB
23 KB 10ms
10ms Image
image/png 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plugins.traveltripper.io/images/tt-logo-grey-highres.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c820652c8f7fd81abf1f3fafea51450e449165998c24963ebc053c66913cb3b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

cache-control: max-age=604800
etag: "ba58c2d116302abb904f68709729bdef"
age: 302160
via: 1.1 5f2b92535eb1297cf75fcc5a4a4e50cc.cloudfront.net (CloudFront)
x-cache: Hit from cloudfront
content-length: 22823
x-amz-cf-id: 43uGAKrkne5fhMGgAYG1SsINIOaP_eICSQ9VICukCGz0Q-zIe3gQSw==
date: Wed, 27 Nov 2024 23:13:28 GMT
content-type: image/png
last-modified: Tue, 03 Aug 2021 13:40:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12

GET
H2 200 arrow-right.png
plugins.traveltripper.io/v4.0.0/images/ 4 KB
4 KB 127ms
127ms Image
image/png 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plugins.traveltripper.io/v4.0.0/images/arrow-right.png
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9f0602875e2ec8e447e9c8eba2e235f5551b157c71513123a11f7529ac1a32e8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css

Response headers

etag: "d5ced67c5b198739de759690dde8c6ff"
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: RefreshHit from cloudfront
content-length: 3598
x-amz-cf-id: QtL7zM4dWTTMZkbLcURUbkL8Gyo-a2edNi3cvnI4ZWXvo5jQAgZ6pw==
date: Sun, 01 Dec 2024 11:09:28 GMT
content-type: image/png
last-modified: Fri, 15 Oct 2021 19:49:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
DATA 200
OK truncated
/ 320 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: feff3ee6faaf374a24514d48870fd1ae41b3f98a3b96ab7b11319b0a23240175

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b36e2dd941348e9ffe146b969e4a8d103d97cbc12d78cec0bac7f0047750deec

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer

Response headers

Content-Type: image/svg+xml

GET
H2 200 ElegantIcons.woff
plugins.traveltripper.io/fonts/ 62 KB
63 KB 12ms
11ms Font
font/woff 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/fonts/ElegantIcons.woff
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css

Response headers

cache-control: max-age=604800
etag: "fdd9e757bf61675343dcf55100422b84"
age: 573785
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 63664
x-amz-cf-id: Ms_Bcb6WYf8bIUtBbyvQvuzAyjVl-tYaAsCNX2a3BYe_SmZB3C_e1w==
date: Sun, 24 Nov 2024 19:46:23 GMT
content-type: font/woff
last-modified: Tue, 03 Aug 2021 13:40:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 OpenSans-Regular.ttf
plugins.traveltripper.io/fonts/OpenSans/ 212 KB
213 KB 34ms
32ms Font
font/ttf 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/fonts/OpenSans/OpenSans-Regular.ttf
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css

Response headers

cache-control: max-age=604800
etag: "629a55a7e793da068dc580d184cc0e31"
age: 457534
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 217360
x-amz-cf-id: naG6aoYsgLUHcIeeO7lx3NRQKAEW-JRUTOkvRdZKZesmRp8aHpiXLg==
date: Tue, 26 Nov 2024 04:03:54 GMT
content-type: font/ttf
last-modified: Tue, 03 Aug 2021 13:40:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 OpenSans-Italic.ttf
plugins.traveltripper.io/fonts/OpenSans/ 208 KB
209 KB 19ms
18ms Font
font/ttf 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/fonts/OpenSans/OpenSans-Italic.ttf
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a54dc8488f8193bf30c3820cf6f261f911f9d328d699e1a1b8042641554cec70

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css

Response headers

cache-control: max-age=604800
etag: "c7dcce084c445260a266f92db56f5517"
age: 573785
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 212896
x-amz-cf-id: FFdTPs0D2uoDYJ84Ke3zrLc_YDwoBiFgGF0I72ELbjV1imx9_gCVHQ==
date: Sun, 24 Nov 2024 19:46:23 GMT
content-type: font/ttf
last-modified: Tue, 03 Aug 2021 13:40:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 OpenSans-Bold.ttf
plugins.traveltripper.io/fonts/OpenSans/ 219 KB
220 KB 49ms
48ms Font
font/ttf 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/fonts/OpenSans/OpenSans-Bold.ttf
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css

Response headers

cache-control: max-age=604800
etag: "50145685042b4df07a1fd19957275b81"
age: 457534
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 224592
x-amz-cf-id: YxZ54H-yqHZrdoIuwCRIs7Ty8RfLWqRsHGaBD3kf23ps4Ygnux5d5g==
date: Tue, 26 Nov 2024 04:03:54 GMT
content-type: font/ttf
last-modified: Tue, 03 Aug 2021 13:40:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 OpenSans-Light.ttf
plugins.traveltripper.io/fonts/OpenSans/ 217 KB
218 KB 40ms
39ms Font
font/ttf 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/fonts/OpenSans/OpenSans-Light.ttf
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cf5f5184c1441a1660aa52526328e9d5c2793e77b6d8d3a3ad654bdb07ab8424

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css

Response headers

cache-control: max-age=604800
etag: "1bf71be111189e76987a4bb9b3115cb7"
age: 573785
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 222412
x-amz-cf-id: 1Mk7EOxxshx_FMpkLtvju58rn4Vlhmrw7wAzinpj1ZqFOyF13FshZg==
date: Sun, 24 Nov 2024 19:46:23 GMT
content-type: font/ttf
last-modified: Tue, 03 Aug 2021 13:40:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 OpenSans-Semibold.ttf
plugins.traveltripper.io/fonts/OpenSans/ 216 KB
217 KB 45ms
44ms Font
font/ttf 2600:9000:2724:f200:3:6e74:fdc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.traveltripper.io/fonts/OpenSans/OpenSans-Semibold.ttf
Requested by: Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2724:f200:3:6e74:fdc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aa3b0ef53db12e3d45094030cac0e69d384e44cc5978643dd4390041cad546e2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin: https://www.jresortreno.com
Referer: https://plugins.traveltripper.io/v4.0.1/css/conversion-plus-base-theme.min.css

Response headers

cache-control: max-age=604800
etag: "33f225b8f5f7d6b34a0926f58f96c1e9"
age: 457534
access-control-allow-methods: GET
via: 1.1 43be4ee3b8e339e1d27addbbdc49a4d4.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-cache: Hit from cloudfront
content-length: 221328
x-amz-cf-id: S0rfhI6QlGBrjtKy76I-PJu0jXr_C8fpAfpfqdyO1FjK_Nc4OXPZZw==
date: Tue, 26 Nov 2024 04:03:54 GMT
content-type: font/ttf
last-modified: Tue, 03 Aug 2021 13:40:13 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P12
vary: Origin

GET
H2 200 rate_calendar.json Show response
rt3api-prd.ttaws.com/hotels/ 2 KB
808 B 298ms
297ms XHR
application/json 34.192.38.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rt3api-prd.ttaws.com/hotels/rate_calendar.json?hotel_id=SRCREN&portal_id=jresortreno&locale=en&currency=USD&device_type=&start_date=2024-12-01&end_date=2024-12-08&adults_0=1&children_0=0&rooms=1&ip_address=185.213.155.173&rate_code=&offer_code=

Requested by

Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.38.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-38-101.compute-1.amazonaws.com

Software

web /

Resource Hash

c0f5fb664a4c8283613cfff869d8a0412b4ddd5b046fe7b982c42f782abf9ca3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-with,origin,accept,client-security-token
strict-transport-security: max-age=0
access-control-max-age: 1000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
date: Sun, 01 Dec 2024 11:09:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
server: web
x-frame-options: DENY

GET
H2 200 rooms.json Show response
rt3api-prd.ttaws.com/hotels/ 289 KB
12 KB 558ms
558ms XHR
application/json 34.192.38.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rt3api-prd.ttaws.com/hotels/rooms.json?hotel_id=SRCREN&portal_id=jresortreno&locale=en&currency=USD&device_type=&arrival_date_0=2024-12-08&departure_date_0=2024-12-09&adults_0=1&children_0=0&rooms=1&rate_code=&offer_code=&ip_address=185.213.155.173

Requested by

Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.38.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-38-101.compute-1.amazonaws.com

Software

web /

Resource Hash

aeed601ad2bd437e402cf75303e2e76cda6a1f8342e43b91b240e3a2186963cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-with,origin,accept,client-security-token
strict-transport-security: max-age=0
access-control-max-age: 1000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
content-length: 12092
date: Sun, 01 Dec 2024 11:09:28 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
server: web
x-frame-options: DENY

GET
H2 200 rateshopping.json Show response
rt3api-prd.ttaws.com/hotels/ 394 B
774 B 115ms
115ms XHR
application/json 34.192.38.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rt3api-prd.ttaws.com/hotels/rateshopping.json?hotel_id=SRCREN&portal_id=jresortreno&locale=en&currency=USD&device_type=&arrival_date=2024-12-08&departure_date=2024-12-09&popular_only=false&num_rates_display=5&client_ip=185.213.155.173&lowest_rate=&search_lowest=true&adults%5B%5D=1&children%5B%5D=0&rooms=1

Requested by

Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.38.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-38-101.compute-1.amazonaws.com

Software

web /

Resource Hash

e6acf7767cfbfd66692123b38a6eb58e9bc5330e05d85bef2b5b2d70b646a39a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-with,origin,accept,client-security-token
strict-transport-security: max-age=0
access-control-max-age: 1000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
date: Sun, 01 Dec 2024 11:09:27 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
server: web
x-frame-options: DENY

GET
H2 200 rooms.json Show response
rt3api-prd.ttaws.com/hotels/ 289 KB
12 KB 520ms
519ms XHR
application/json 34.192.38.101
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rt3api-prd.ttaws.com/hotels/rooms.json?hotel_id=SRCREN&portal_id=jresortreno&locale=en&currency=USD&device_type=&arrival_date_0=2024-12-08&departure_date_0=2024-12-09&adults_0=2&children_0=0&rooms=1&rate_code=&offer_code=&ip_address=185.213.155.173

Requested by

Host: plugins.traveltripper.io
URL: https://plugins.traveltripper.io/v4.0.1/cp.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.192.38.101 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-192-38-101.compute-1.amazonaws.com

Software

web /

Resource Hash

0e6285e5b8c49138b19cb44e0efc30bda563511988222229692e4887f3a4532b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Accept: */*
Referer: https://www.jresortreno.com/

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,x-requested-with,origin,accept,client-security-token
strict-transport-security: max-age=0
access-control-max-age: 1000
content-encoding: gzip
access-control-allow-credentials: true
x-content-type-options: nosniff
access-control-allow-methods: POST, GET, OPTIONS, DELETE, PUT
access-control-allow-origin: *
content-length: 12087
date: Sun, 01 Dec 2024 11:09:28 GMT
content-type: application/json;charset=UTF-8
vary: Origin,Accept-Encoding,User-Agent
server: web
x-frame-options: DENY

GET
H2 200 status Show response
api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.jresortreno.com%2F/DESKTOP/WIDGET_OFF/ 77 B
454 B 178ms
177ms Fetch
application/json 2600:1f14:5db:eb11:df1d:902f:6ac2:6827
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.userway.org/api/a11y-data/v0/page/https%3A%2F%2Fwww.jresortreno.com%2F/DESKTOP/WIDGET_OFF/status
Requested by: Host: cdn.userway.org
URL: https://cdn.userway.org/widgetapp/2024-11-27-07-45-03/widget_app_base_1732693503366.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1f14:5db:eb11:df1d:902f:6ac2:6827 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer: https://www.jresortreno.com/

Response headers

access-control-max-age: 3000
access-control-expose-headers: Content-Range, Content-Length, ETag, Content-Type
cache-control: no-cache, no-store, must-revalidate
etag: W/"4d-wYLRLrbWidRwnfhEvoB+Y2U04NY"
access-control-allow-methods: GET, HEAD, PUT, PATCH, POST, DELETE
access-control-allow-origin: *
content-length: 77
date: Sun, 01 Dec 2024 11:09:31 GMT
content-type: application/json; charset=utf-8
x-service-version: seo-w-eb3c4543
vary: Accept-Encoding
access-control-allow-headers: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js

Domain: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/locale/de-de.js

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=974D302D522F4846A94B32C88D79034D

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

28 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.jresortreno.com/	1970-01-21 11:00:11	Name: _ga_2DEJ97N63V Value: GS1.1.1733051364.1.0.1733051364.60.0.0
.jresortreno.com/	1970-01-21 11:00:11	Name: _ga Value: GA1.1.964917866.1733051364
.simpli.fi/	1970-01-21 10:11:13	Name: suid Value: 974D302D522F4846A94B32C88D79034D
.jresortreno.com/	1970-01-21 03:33:47	Name: _fbp Value: fb.1.1733051364761.423180358196488406
adservices.brandcdn.com/	1970-01-21 01:34:16	Name: AWSALBCORS Value: wb39Dk+z75z+kigxsRB091e+lJG16b/VIOwuJcz20gEgvKWCBt65bBAOGT3E8g39HZFQd+oQWmmkET7KcRAkjDx3RySvpUjOBIPv1GpI1QKvv7GQGEI8P8hCdAFk
.activehosted.com/	1970-01-21 01:24:13	Name: __cf_bm Value: zJYLXgsDG8WHzWVLyWofdVbVcH5heqw1mWDG2o8mfg4-1733051365-1.0.1.1-piOjr0tvWJRCMn_kYDv.acO2e.VZMUwOLaBszLl14RRb0.eUonff1NRYoEEmiGumqiRizsWmGggl_gGqb9GsZg
www.jresortreno.com/	1970-01-21 02:07:23	Name: csrf_token Value: b15b8de3-8b94-40c6-9a97-33c3f7995f1f
www.jresortreno.com/	1970-01-21 01:24:12	Name: ipAddress Value: %22185.213.155.173%22
.simpli.fi/	1970-01-21 01:34:16	Name: uid_syncd_secure Value: true
.1rx.io/	1970-01-21 10:09:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9511f76e-aa0a-4492-a9a3-f632cea66516-003%22%7D
.tapad.com/	1970-01-21 02:50:35	Name: TapAd_TS Value: 1733051366786
.tapad.com/	1970-01-21 02:50:35	Name: TapAd_DID Value: 6bbda60e-a025-4885-9bcd-589d7019d1fb
.adnxs.com/	1970-01-21 03:33:47	Name: XANDR_PANID Value: f59U2pw__37cq2r0sGlK0Bp0KG50Qvc2ktGK9wItLBfzd5qSnvlYt5aySn2UA1U_ekahvhIiSWS2V2nM7vLNl5Gz1sr8FysmJxlMZgDsDj4.
.adnxs.com/	1970-01-21 11:00:11	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-21 03:33:47	Name: uuid2 Value: 1684544445373007087
.adnxs.com/	1970-01-21 03:33:47	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2E>xx6Z[*!@wnfH8KW.dG5<#Z0s#XnfUd6oG5p:oGZp3DhmC@nfhqiGlq>6HN@Oun_iqsML+v@%(2K:$doS]%6lOB4HN:?
.tapad.com/	1970-01-21 02:50:35	Name: TapAd_3WAY_SYNCS Value:
.pro-market.net/	1970-01-21 05:43:23	Name: anProfile Value: "1ctc1t6hhpd91+1+1f=1+1g=1+1j=41+rs=s+rt=2A031B200006F011000000000000005E+s2=(sntazq)+vm=24-974D302D522F4846A94B32C88D79034D"
.pro-market.net/	1970-01-21 02:07:23	Name: anHistory Value: "1ctc1t6hhpd91+2+!#7')%i#b2Y"
.targeting.unrulymedia.com/	1970-01-21 10:09:47	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-9511f76e-aa0a-4492-a9a3-f632cea66516-003%22%7D
.agkn.com/	1970-01-21 10:09:47	Name: ab Value: 0001%3AKjyQ10%2FEPR5yKLAbMXVP23sxWYs712ux
www.jresortreno.com/	1970-01-21 01:25:37	Name: xapikey Value: %220b8EaeZi738EhsOd7l8ye7WXARFSDoQO7Wlr1iRl%22
.exelator.com/	1970-01-21 04:16:59	Name: EE Value: "a66f571369904f71a8838a0ad2d86966"
.doubleclick.net/	1970-01-21 01:24:12	Name: test_cookie Value: CheckForPermission
.agkn.com/	1970-01-21 10:09:47	Name: u Value: C\|0AAAAAAAALt8AZgAAAAAA
.exelator.com/	1970-01-21 04:16:59	Name: ud Value: "eJxrXxzq6XKLQSHRzCzN1NzQ2MzS0sAkzdww0cLC2CLRIDHFKMXCzNLMbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDYcEl%252BUWb6IhfXxUUpaQyLSopPBZ888BUAaLQqaA%253D%253D"
.bfmio.com/	1970-01-21 10:09:47	Name: __141_cid Value: 974D302D522F4846A94B32C88D79034D
.bfmio.com/	1970-01-21 10:09:47	Name: __io_cid Value: 4027b68b1a6622bfef1bcd76001a41f61f88dee5

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=974D302D522F4846A94B32C88D79034D Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://stags.bluekai.com/site/29931?id=974D302D522F4846A94B32C88D79034D Message: Failed to load resource: the server responded with a status of 500 (Internal Server Error)
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=974D302D522F4846A94B32C88D79034D Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
adservices.brandcdn.com
api.userway.org
app.termly.io
auth.conversion-plus.ec.pegs.com
bcp.crwdcntrl.net
cdn.userway.org
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.agkn.com
d1eoo1tco6rr5e.cloudfront.net
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
ip-geo-lookup.ec.pegs.com
jeinevada.activehosted.com
loadm.exelator.com
pixel.rubiconproject.com
pixel.tapad.com
plugins.traveltripper.io
region1.analytics.google.com
rt3api-prd.ttaws.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
sitemanager.web.pegs.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.brandcdn.com
tag.simpli.fi
thejresort.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.jresortreno.com
adservices.brandcdn.com
cdnjs.cloudflare.com
sync.intentiq.com
104.17.24.14
104.18.31.234
13.225.83.200
13.248.245.213
142.250.181.227
142.250.185.131
157.240.0.35
157.240.251.9
172.217.16.194
18.198.150.105
18.245.31.29
185.89.210.20
2.16.253.63
2001:4860:4802:32::36
216.58.206.68
216.58.212.130
2600:1901:0:8eee::
2600:1f14:5db:eb11:df1d:902f:6ac2:6827
2600:1f18:612b:4216:85ae:a309:b3cb:4fce
2600:9000:20eb:cc00:7:e536:8b00:93a1
2600:9000:223f:2000:1b:5138:8a40:93a1
2600:9000:2724:f200:3:6e74:fdc0:93a1
2600:9000:275d:5c00:15:ac14:880:93a1
2606:4700::6811:ce1f
2a00:1288:80:807::1
2a00:1450:4001:810::2008
2a00:1450:4001:82f::200a
2a00:1450:400c:c00::9a
2a02:6ea0:c700::101
3.20.231.156
3.33.220.150
3.33.251.168
34.111.113.62
34.13.138.208
34.192.38.101
34.250.216.176
34.98.64.218
35.204.89.238
35.244.174.68
46.228.174.117
50.28.39.171
52.16.237.161
52.4.194.40
54.78.254.47
63.32.148.48
69.173.144.165
0069a4778609dd9575c307921131a0e0e2cbcf451024f379ded568f511d8f8df
01681015815e521e794d23f5d59fbd77f14c0cc7f103459c66629e5082cac75a
09d301bae71a643b79f209295ad0e6359d0db758e33ed8e5e9326f0bdc91ed01
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e6285e5b8c49138b19cb44e0efc30bda563511988222229692e4887f3a4532b
0edadf920302d4919133e8431c1e8e7bac32f2e3017d74a124922976b8f36c61
163c14fb2ecce293f00e8d2145951b256c707b2faca552adebe3d00f8563c22b
1e939dd4e41c4eab2ef3ab1e1014785c5d97649edc99cd6c16f5a5bbdff0732f
213db684cdce365531d938c7757d1169dbe630fffa6fa70e17f60d7c2eae8c9f
21eb1e487c899c6192c31800445bfb81caa7ff1fca550ea3fdb3444834d85710
229d4496b8a7702f8e3e5d9ec3e317d70cc3fbe37cff073e8e7f9e6a443ff120
2310e624b9596807db7f43f3ecbef3105116c2064693c5e2237215b4ca4a5b39
287e3b371dd26d330623091628e3feec8c4167bb7f3563c16e07de8ea4c3a10e
2914a075c28ac56a59a672912ef4c3e338b4474270cd1329a037098c4296b050
2973b7b8d207e4f88dfeab7ffd5067afd73ed876643e1b619e4f10f50c7d1f22
2b929249952644e76b1bbd37a2510cce17385123162880911c3d0112d8b41bca
2bddf99238a9c38e50c0e788928250de2f4fc54947ae5a4b08639d4c8eba198f
2ddbed48aa5e8ea742e94f058de4104bcd8d180f670a63f2b985fee287045055
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
323bdc4b394aaf7983339dafaddb7c1a0e331ad4f2a94fe3a9f91e7f6912b96e
3494b135b88a2df096c0b6f56bfee07fa8bd14a0c06909a24ee24a973e83021c
3d85397a8f126f2ab21db77314ab8dce2c6e2c69e14dbfcfa156bf16e08ac065
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
40c5707a5a23aef62fb757b395fd8170aeb5ad9a2eb4ed029149540c7890c0a6
43974ed74066b207c30ffd0fed5146762e6c60745ac977004bc14507c7c42b50
45737ca837751d395fa958d29a3c504f600c6d96e78238a81c2fa5eda48ee45a
47d039e4d8043bf5bde43f9a5f9bfeeb64144441f0ba80b2d0e729c93c0395be
4840122cf17386ac8d0f90658199a32090fd7ed81ba2b61a1b58ac35a39640b8
498852d14ab400f1d8151685e8b5dd39e60265a74db923b3fb6c4b54d538c7a6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d380ccb1249390d149a4a56e9d6c964ab8ada916c88ab84f71da5de385aef4e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
527bf3dacc5eb62211130fe4bf315c682861320ab25b4aa2efe6ea87a760db8c
55253d8358140e67f3ef2f249a9d4af5c989a136767ab7e35198bfcb3cdb3d8b
55bd442d45ef481e3f0eb795894dd94f1a5e38f2a4847c2f49371010e1e013c2
55df65669428d0b066ae1bfc966f0cc7b01f4ad922703d8b346b538f3121cd88
5607bc0b49036b5f13acf3f5767e0fb2fb947f5369bda253939e78e2b11f85b4
5894a3649b213cf5b2d673b6e7a871815fd1d120fa68a463592f27db14eae323
59f3b89a7f6a8ad2338a6e8ec29bf3d0469e80300ef86e463f0f2b3a5b4f7e46
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
668d8d5ed461b617002c02ce837c25500fadba04c4ac7ad8d51e940ab12de531
677779dfe4fc37eedc51c1fa63893b89b265b48cc675700a815d90d92cad3108
6ce4437e1aaacb62aa4499cdc379f27b0b7cc44f8a0bc3a45ef6ce48ce8a36b0
6e79aeee4cbc317a3b6e18c8887ed2c1659ad8eb27431d1896a075ed935a9149
6ff706719bc74499e616ecb1cd8ed507b7237c2b96aaf49dae49322e823d69a9
7398e6e9526eece851b08f3a3830d4c802e213f917e2c0973d53aa5a170d56cb
7495f0968dd2caf5d5aa157acbb151344b5cdfba4cfc8e03ac57174cf7f16071
76437be54ed4aacd84274a4c3c741a1ef3c4d300ea86457d4ae30daf63527c15
76b846b097bad8ead846946e41f9e44b5bfc9420184ac1902664a7253227422d
77a06bf6284fec0b775cf14676604d95666f60f69bd50dd45242eb7450411433
79b378e8f3c1fece39a1472a2e7d920ab80eb5881525a1622d9dbaa954aa23c3
834aa5fe44a0808039f4427ae327d731f3a5215c51cb6590bcc6957db8f2e0e0
8557d0d4a3a77ef439897822a8d28604ed44fccee8fd471a56a5ece3c0a3e32d
86411ce1f7b5114524a1193a7d9a2f7e94a2640fab45ce09a9b71a188f0869b1
87f5458223f2b95dacce02b50940aa178f34affa482546f3dfb58c8c90047f51
88b751b3f08735661365128058f28edc413eece132e9042290b277060be0369c
8c820652c8f7fd81abf1f3fafea51450e449165998c24963ebc053c66913cb3b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
903d663af0f592b04baedfd909e66629b5c9e05004308353fe8839b36f10cbef
94b8ec2b5a9f5de874facfb78d276313ad73c83ffc056651aeaa69fc1925f031
96f19de27dedbf66b16366f3e5a38420f757b8aa96a223def1ae817a366d2f74
9a19938485ca7f6c582d3f78d17d9e443d26b260cac24c9dd9499f70b5d28390
9bf4a052d1f4f7fc6d876d301f1d9d8833e513637818d88a1ffa4d983a85d862
9d12f6dea4753a8d25537214864460bb650cf9d8bec240f67b95da6d1563f392
9f0602875e2ec8e447e9c8eba2e235f5551b157c71513123a11f7529ac1a32e8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a17ce5480cd3285a82ee533c224605a46f9b5a0b8addcb5a7752e3a1c95c7f53
a54dc8488f8193bf30c3820cf6f261f911f9d328d699e1a1b8042641554cec70
a6d2156e41a4969fe9ba592dc640c2b2f0447cb083b2194a1c12639e335e8dee
aa3b0ef53db12e3d45094030cac0e69d384e44cc5978643dd4390041cad546e2
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
aeed601ad2bd437e402cf75303e2e76cda6a1f8342e43b91b240e3a2186963cb
b36e2dd941348e9ffe146b969e4a8d103d97cbc12d78cec0bac7f0047750deec
b87e46673619690c5e68cabaa0c79e184b767052a3c4ad934e5c9c8c35945cd7
baa23592a5c5949121a1d78df235dab59b077f77ca7229fe9ad0e6b03ad630a9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd7b9189671a30cf30a66791c887b4d2af5afa113190d223d0049f822f4e399b
be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
c0f5fb664a4c8283613cfff869d8a0412b4ddd5b046fe7b982c42f782abf9ca3
c239fbd2387ceff073b22f05559eb6a3a9425ccde003eccb22a998429465302f
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c39e6c6c7ff5cc23bfabe363ab4fa93c295de050c731700296e2f77f8677a9d8
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c46936850cfa993988f2c32b0b04a5c4b0f94c30d36aca502626befbd2b802de
c641e00ad8796d33949cf3dc5006ed871c859cc94c038c801aed507d5448de20
c665f7fecfa0839cb9c51044a9d1cf6c042bac71ffce083431071a012823e73d
c86ac555f336d99b4428ea8a2044ccd49bd50dfe3fe7fef691673efe1507b1e9
c993b8867eefbb9e00739b297af51a56038d8d452e08873d726873a18aacd6f5
c9cb05392a6bc8d37ff40ae56d41bb1fd000b520816b51e030cd156b679c4323
cb7d89ec543e1abfe415c32a8b7e34f5c5042f53e51c28b48c78c5218efdd9c0
ccc47cb490248d443c26d27741b7fdcefcd18f1c328d339d4b0a6bd45eae590c
ccf29bf1122c13da436d4262a69298603224f21f7085a70605a5abad7481fbc6
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5f5184c1441a1660aa52526328e9d5c2793e77b6d8d3a3ad654bdb07ab8424
d2f13447bd89c56bad76bac2e4e551ac6b611f40503104b70ee26812afe5a94c
d32cf4660b8933bc2c7fcd86e6cc9d6088966d1cc7b471fa24691006b004af09
d340a454892f3ce93f09b4b0bfc15c81f43f36ede763389a13be178122a4d652
d3c79bd7ec9e3b465f0b821cf931be66542bff3694f7c70e0aeae0f6d7036756
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd0793c73bea3c2ee1b60aabbf155117d000d84056bc8be47dc51605c0da78c3
dfeacc805211607b0d8fdec96c429ad6497457d9fe2f00e8ab8a7c94f6bea2cd
e08b9308574a8ba4b714e5b2666443bbb969471bf4f66d47a05442681520088d
e24843d5201f699c6738be8517a9ef2dbc0a24a854cc8781802c1c038e3cdc60
e2dad9be7c0982b97544ae04177fa4ea1e8cd277cd76ba0120e94d9de989760a
e3756efa4fdef1a5db9612108bfdac10cfa777397e5167b1ab0a3ef38d11f973
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
e6acf7767cfbfd66692123b38a6eb58e9bc5330e05d85bef2b5b2d70b646a39a
e8183507b37f3df80ea253b144745ed58784f5b4465b5216fbf9e314df592d06
eb0fe61bfdad1e9d777769289b20a7f9258bc13ee02727a810c580aac088ab00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8ee2dd5a4b293d6bdea85da0f46b24bdc539536d272a87a5cfcf9f508ec818
efe9a2fb4c99ac53bda2ca8fa2983d758214bf0400019ab83aec819280887e5b
f4a9f0660f5c68ff763c6f5eb2d89f977cc2a61ed5d3f2688a2257de0f65fef3
f65784e5e7332dc1e4bbeacbec70fdeef4a1bea84f16ce2ee144999719d195ce
f6d2a0d610ca24a20a48233f2959dbaf4188e1440ca25ba52071377e894cdcf0
f77bec5bae72102193664f01c1b1be9fe2eece760b40d4b70be5142b871895ae
f946524acc560dd90b948b0aecec2d0775f9d8c0f2105fecaf0618d68da4a134
fecd846483814004893afa46d4431ecbf8a16eb3242196c9881fdf24ea14e065
feff3ee6faaf374a24514d48870fd1ae41b3f98a3b96ab7b11319b0a23240175

www.jresortreno.com Open in urlscan Pro 50.28.39.171 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

86 %HTTPS

30 %IPv6

41 Domains

52 Subdomains

42 IPs

7 Countries

17523 kBTransfer

22549 kBSize

28 Cookies

16 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.jresortreno.com Open in urlscan Pro
50.28.39.171 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

86 %
HTTPS

30 %
IPv6

41
Domains

52
Subdomains

42
IPs

7
Countries

17523 kB
Transfer

22549 kB
Size

28
Cookies

140 HTTP transactions
7 data transactions