www.resortscasino.com Open in urlscan Pro
104.16.179.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tsmtpclick.com/tracking/qaR9ZGt1AQH4BQNkAmD0AQx4Awt4ZPM5qzS4qaR9ZQbmIN
Effective URL:
https://www.resortscasino.com/p/vip-20/exclusive/
Submission: On January 09 via manual (January 9th 2024, 6:47:19 am UTC) from IN — Scanned from DE

Summary HTTP 111 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 50 IPs in 8 countries across 45 domains to perform 111 HTTP transactions. The main IP is 104.16.179.60, located in and belongs to CLOUDFLARENET, US. The main domain is www.resortscasino.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 12th 2023. Valid for: a year.

This is the only time www.resortscasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.187.172.5 199.187.172.5	36351 (SOFTLAYER) (SOFTLAYER)
1 1	209.124.85.247 209.124.85.247	55293 (A2HOSTING) (A2HOSTING)
21	104.16.179.60 104.16.179.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
1	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.154.63.87 18.154.63.87	16509 (AMAZON-02) (AMAZON-02)
2 6	185.89.210.90 185.89.210.90	29990 (ASN-APPNEX) (ASN-APPNEX)
6	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.79.141 35.201.79.141	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	3.136.125.130 3.136.125.130	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:626c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.86 108.157.4.86	16509 (AMAZON-02) (AMAZON-02)
1	54.194.142.151 54.194.142.151	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::1	203220 (YAHOO-DEB) (YAHOO-DEB)
2 3	185.167.164.43 185.167.164.43	198622 (ADFORM) (ADFORM)
1	37.157.5.71 37.157.5.71	198622 (ADFORM) (ADFORM)
2	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.157.249.250 35.157.249.250	16509 (AMAZON-02) (AMAZON-02)
1 2	18.66.248.94 18.66.248.94	16509 (AMAZON-02) (AMAZON-02)
4 4	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
3	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f177:185:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	18.173.233.14 18.173.233.14	16509 (AMAZON-02) (AMAZON-02)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.215.99.216 34.215.99.216	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	107.154.132.121 107.154.132.121	19551 (INCAPSULA) (INCAPSULA)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19 25	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:224... 2600:9000:224a:2800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:cf3b:d950:bab4:515a	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	35.156.188.18 35.156.188.18	16509 (AMAZON-02) (AMAZON-02)
1 1	52.29.118.238 52.29.118.238	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.10 18.245.60.10	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
1 2	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.44.250.119 52.44.250.119	14618 (AMAZON-AES) (AMAZON-AES)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.171.10.251 54.171.10.251	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.86 216.52.2.86	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	54.71.12.84 54.71.12.84	16509 (AMAZON-02) (AMAZON-02)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
111	50

1 199.187.172.5 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: tbjjbihbhcf.turbo-smtp.net

tsmtpclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.124.85.247 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: server.getscaled.com

clients.getscaled.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 104.16.179.60 (None, )

ASN13335 (CLOUDFLARENET, US)

www.resortscasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.154.63.87 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-154-63-87.dus51.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.89.210.90 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.79.141 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 141.79.201.35.bc.googleusercontent.com

sdk-cdn.optimove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.136.125.130 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-125-130.us-east-2.compute.amazonaws.com

collector-562.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:626c (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-86.dus51.r.cloudfront.net

cdn.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.142.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-142-151.eu-west-1.compute.amazonaws.com

go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::1 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.43 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.249.250 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-249-250.eu-central-1.compute.amazonaws.com

geo-tracker.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.248.94 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-94.dus51.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.66 (United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f177:185:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.233.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-14.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.215.99.216 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-99-216.us-west-2.compute.amazonaws.com

js-api.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.132.121 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.121.ip.incapdns.net

resortactracksdk.optimove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

resorts.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.204.74.118 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:2800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:cf3b:d950:bab4:515a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.188.18 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-188-18.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.118.238 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-118-238.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-10.fra60.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.78.254.47 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.250.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-250-119.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.10.251 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-10-251.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.86 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.71.12.84 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-12-84.us-west-2.compute.amazonaws.com

js-content.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 7462 i.simpli.fi — Cisco Umbrella Rank: 6388 um.simpli.fi — Cisco Umbrella Rank: 1428	12 KB
21	resortscasino.com www.resortscasino.com	1 MB
10	doubleclick.net 5 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 338 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	6 KB
7	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	1 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3600 ekr.zdassets.com — Cisco Umbrella Rank: 4357	349 KB
6	google.de www.google.de — Cisco Umbrella Rank: 4002	949 B
6	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 793 ib.adnxs.com — Cisco Umbrella Rank: 356	6 KB
5	otherlevels.com cdn.otherlevels.com — Cisco Umbrella Rank: 87294 js-api.otherlevels.com — Cisco Umbrella Rank: 42783 js-content.otherlevels.com — Cisco Umbrella Rank: 82879	39 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1255 trc.taboola.com — Cisco Umbrella Rank: 960 trc-events.taboola.com — Cisco Umbrella Rank: 2320	23 KB
4	adform.net 2 redirects a2.adform.net — Cisco Umbrella Rank: 12667 s2.adform.net — Cisco Umbrella Rank: 7751	33 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 3732 pbid.pro-market.net — Cisco Umbrella Rank: 16052	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
3	smadex.com 2 redirects geo-tracker.smadex.com — Cisco Umbrella Rank: 10287 cm.smadex.com — Cisco Umbrella Rank: 3977	952 B
3	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 16972 in.getclicky.com — Cisco Umbrella Rank: 13598	6 KB
3	optimove.net sdk-cdn.optimove.net — Cisco Umbrella Rank: 28058 resortactracksdk.optimove.net	12 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	282 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 3106	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 973 d.agkn.com — Cisco Umbrella Rank: 1340	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 857	712 B
2	zendesk.com resorts.zendesk.com	2 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 876	7 KB
2	tvsquared.com collector-562.tvsquared.com	9 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1202 script.hotjar.com — Cisco Umbrella Rank: 1735	59 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 930	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 620	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 173	546 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 764	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1432	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1624	445 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 3080	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1479
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10133	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 731	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1035	237 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 2033	631 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	affec.tv go.affec.tv — Cisco Umbrella Rank: 14304	231 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	3 KB
1	bounceexchange.com tag.bounceexchange.com — Cisco Umbrella Rank: 5592	249 B
1	getscaled.com 1 redirects clients.getscaled.com	486 B
1	tsmtpclick.com 1 redirects tsmtpclick.com	312 B
0	springserve.com Failed datplus.springserve.com Failed
111	45

	Domain	Requested by
25	um.simpli.fi	19 redirects
21	www.resortscasino.com	www.resortscasino.com
6	www.google.de	www.resortscasino.com
6	static.zdassets.com	www.googletagmanager.com static.zdassets.com
5	www.google.com	1 redirects www.resortscasino.com
5	secure.adnxs.com	2 redirects www.resortscasino.com www.googletagmanager.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
4	cm.g.doubleclick.net	4 redirects
3	a2.adform.net	2 redirects www.resortscasino.com
3	www.googletagmanager.com	www.resortscasino.com www.googletagmanager.com
2	trc-events.taboola.com	cdn.taboola.com
2	js-content.otherlevels.com	cdn.otherlevels.com
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	resorts.zendesk.com	static.zdassets.com
2	js-api.otherlevels.com	cdn.otherlevels.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cm.smadex.com	1 redirects www.resortscasino.com
2	trc.taboola.com	www.resortscasino.com cdn.taboola.com
2	s.yimg.com	www.resortscasino.com s.yimg.com
2	static.getclicky.com	www.resortscasino.com
2	collector-562.tvsquared.com	www.resortscasino.com
2	sdk-cdn.optimove.net	www.googletagmanager.com sdk-cdn.optimove.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ib.adnxs.com
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	in.getclicky.com	static.getclicky.com
1	resortactracksdk.optimove.net	sdk-cdn.optimove.net
1	sp.analytics.yahoo.com	www.resortscasino.com
1	ekr.zdassets.com	static.zdassets.com
1	script.hotjar.com	static.hotjar.com
1	www.facebook.com	www.resortscasino.com
1	region1.google-analytics.com	www.googletagmanager.com
1	geo-tracker.smadex.com	1 redirects
1	tag.simpli.fi	www.googletagmanager.com
1	s2.adform.net	www.resortscasino.com
1	go.affec.tv	www.googletagmanager.com
1	cdn.otherlevels.com	www.resortscasino.com
1	static.hotjar.com	www.resortscasino.com
1	connect.facebook.net	www.resortscasino.com
1	cdn.taboola.com	www.googletagmanager.com
1	tag.bounceexchange.com	www.resortscasino.com
1	clients.getscaled.com	1 redirects
1	tsmtpclick.com	1 redirects
0	datplus.springserve.com Failed	www.googletagmanager.com
111	64

This site contains links to these domains. Also see Links.

Domain
blog.resortscasino.com
clicky.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tag.bounceexchange.com R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
zdassets.com E1	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.optimove.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-05` - `2024-02-05`	a year	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M02	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.getclicky.com E1	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.otherlevels.com Amazon RSA 2048 M01	`2023-07-25` - `2024-08-22`	a year	crt.sh
affec.tv Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
resorts.zendesk.com Cloudflare Inc ECC CA-3	`2023-03-30` - `2024-03-29`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.resortscasino.com/p/vip-20/exclusive/
Frame ID: 264A3A32CF5157B8AF3D6DAEDED6444A
Requests: 102 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Frame ID: 93BE6FD5D16BC98765C72CBCB14E48DD
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

VIP20- 100% up to $500 First Time Deposit - ResortsCasino.com

Page URL History Show full URLs

https://tsmtpclick.com/tracking/qaR9ZGt1AQH4BQNkAmD0AQx4Awt4ZPM5qzS4qaR9ZQbmIN HTTP 302
https://clients.getscaled.com/campaigns/fv742dqkwncd5/track-url/zf124fdkx6432/32ef8a753f1db2cd7696c0696fe4... HTTP 301
https://www.resortscasino.com/p/vip-20/exclusive/ Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

111
Requests

77 %
HTTPS

25 %
IPv6

45
Domains

64
Subdomains

50
IPs

8
Countries

2221 kB
Transfer

7274 kB
Size

83
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.resortscasino.com/
Title: News

Search URL Search Domain Scan URL

URL: http://clicky.com/101132698

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tsmtpclick.com/tracking/qaR9ZGt1AQH4BQNkAmD0AQx4Awt4ZPM5qzS4qaR9ZQbmIN HTTP 302
https://clients.getscaled.com/campaigns/fv742dqkwncd5/track-url/zf124fdkx6432/32ef8a753f1db2cd7696c0696fe4208b553638f2 HTTP 301
https://www.resortscasino.com/p/vip-20/exclusive/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17

https://secure.adnxs.com/seg?add=5150196&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5150196%26t%3D1

Request Chain 26

https://secure.adnxs.com/seg?add=16909360&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16909360%26t%3D1

Request Chain 28

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 31

https://geo-tracker.smadex.com/hyperad/pixel-tracking?order=110876&action=homepage&rand=1079234885 HTTP 302
https://cm.smadex.com/match?sm_r=dc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=K1RaT25LNXdTQ2lXdklkenZzbHNidz09&sm_p=dc HTTP 302
https://cm.smadex.com/sync?sm_p=dc

Request Chain 71

https://a2.adform.net/Serving/TrackPoint/?pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=295618873029&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=295618873029&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 80

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 81

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/8D8DDD8D220547F3AD952818C9149EC5 HTTP 302
https://sync.1rx.io/usersync/simplifi/8D8DDD8D220547F3AD952818C9149EC5?zcc=1&cb=1704782835271 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-54be7896-b0f8-455a-8f91-239d47d27996-003

Request Chain 82

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=8D8DDD8D220547F3AD952818C9149EC5&dongle=yf3

Request Chain 83

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 84

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=8D8DDD8D220547F3AD952818C9149EC5 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 85

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=8D8DDD8D220547F3AD952818C9149EC5 HTTP 302
https://d.agkn.com/pixel/10751/?che=1704782835266&ip=217.114.218.23&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216873104756000529670 HTTP 302
https://um.simpli.fi/aa_px?sk=216873104756000529670 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 86

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 89

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=8D8DDD8D220547F3AD952818C9149EC5;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=8D8DDD8D220547F3AD952818C9149EC5;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NDAwMzMzNTkxNjIzNDAzNDMxMg== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEEVKyi6B4V_rKuF17uw-hSU&google_cver=1

Request Chain 90

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=8D8DDD8D220547F3AD952818C9149EC5&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=8D8DDD8D220547F3AD952818C9149EC5&j=0&xl8blockcheck=1

Request Chain 92

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 93

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 94

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 95

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 96

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 97

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704782835041&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=379782023&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8-ucZejMCrii78EPuu2IyAQ&sscte=1&crd=&pscrd=IhMIqJK9-trPgwMVONE7Ah26NgJJ HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=379782023&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqJK9-trPgwMVONE7Ah26NgJJ&is_vtc=1&ocp_id=8-ucZejMCrii78EPuu2IyAQ&cid=CAQSKQAvHhf_PBaHZZr-NDsfdPk3_fb7Lkux5tILs7bYQbrV0bXC1NN46_dS&random=1540791791 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=379782023&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqJK9-trPgwMVONE7Ah26NgJJ&is_vtc=1&ocp_id=8-ucZejMCrii78EPuu2IyAQ&cid=CAQSKQAvHhf_PBaHZZr-NDsfdPk3_fb7Lkux5tILs7bYQbrV0bXC1NN46_dS&random=1540791791&ipr=y

Request Chain 99

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 100

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8D8DDD8D220547F3AD952818C9149EC5&expires=365

Request Chain 101

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8D8DDD8D220547F3AD952818C9149EC5

Request Chain 102

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEEm8JC2g3OQaEQekhdb9CYk&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D8DDD8D220547F3AD952818C9149EC5 HTTP 302
https://um.simpli.fi/g_match?id=

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.resortscasino.com/p/vip-20/exclusive/
Redirect Chain

https://tsmtpclick.com/tracking/qaR9ZGt1AQH4BQNkAmD0AQx4Awt4ZPM5qzS4qaR9ZQbmIN
https://clients.getscaled.com/campaigns/fv742dqkwncd5/track-url/zf124fdkx6432/32ef8a753f1db2cd7696c0696fe4208b553638f2
https://www.resortscasino.com/p/vip-20/exclusive/

50 KB
11 KB

591ms
536ms

Document
text/html

104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5431eb1c68d1f2d823516b30656ade17a41fccb33c54ab46df3ea6d0d5f6c778

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/ ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 842aba450bc039df-FRA
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 06:47:13 GMT
server: cloudflare
vary: Cookie, Accept-Language
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/ ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-url: /p/vip-20/exclusive/
x-whom: n03p110xwpws003

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate post-check=0,pre-check=0
content-length: 0
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 06:47:12 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 09 Jan 2024 06:47:12 GMT
location: https://www.resortscasino.com/p/vip-20/exclusive/
pragma: no-cache
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.30

GET
H2 200 main.min.css
www.resortscasino.com/static/stylesheets/compiled/casinoresorts/ 452 KB
59 KB 46ms
46ms Stylesheet
text/css 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8ff93a0afcec29e7a03cbf2d81aa8b8d7a328e9a91c633c43ba237b939d04aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 08:16:58 GMT
server: cloudflare
age: 330422
etag: W/"63f720fa-70e4f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 842aba486dec39df-FRA
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 deviceatlas-custom.min.js Show response
www.resortscasino.com/static/javascripts/libs/ 5 KB
2 KB 32ms
32ms Script
application/javascript 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/static/javascripts/libs/deviceatlas-custom.min.js

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ed6671978ad2dcceb01b7dc2da1dfff7b78e020226faf64cb5ac83617665a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 08:16:57 GMT
server: cloudflare
age: 330422
etag: W/"63f720f9-13e4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 842aba486ded39df-FRA
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 341 KB
102 KB 86ms
41ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a3c3d9384396dc93fab215fd20f83761536f2d406e92a61588fc5afd15ddcfab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104044
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 06:47:14 GMT

GET
H2 200 rg_logo.png
www.resortscasino.com/media/filer_public/ab/70/ab70d39c-5bac-468b-a715-eef9cad2f228/ 3 KB
3 KB 372ms
371ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/ab/70/ab70d39c-5bac-468b-a715-eef9cad2f228/rg_logo.png

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bc4fec5ee42fd1438fc4ce0f5ec547f949ee8f5f4753bfb9e6e38962756b68

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: MISS
last-modified: Mon, 23 Mar 2020 09:34:35 GMT
server: cloudflare
etag: "5e7882ab-d18"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba48ee2e39df-FRA
content-length: 3352
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 dge.png
www.resortscasino.com/media/filer_public/1c/6e/1c6e3dda-1fa3-4d88-a860-6a090d685c40/ 17 KB
17 KB 449ms
449ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/1c/6e/1c6e3dda-1fa3-4d88-a860-6a090d685c40/dge.png

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

885ab9db27d62a92a91f1bb8fa1dcc9ffd1da8512f32f8af2f9d452587d940ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: MISS
last-modified: Mon, 23 Mar 2020 09:34:35 GMT
server: cloudflare
etag: "5e7882ab-42ba"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba48ee3039df-FRA
content-length: 17082
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 resorts_desktop_120x120_white.png
www.resortscasino.com/media/filer_public/a8/5e/a85e2550-c4a5-4d50-9889-b932f5262257/ 4 KB
4 KB 382ms
381ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/a8/5e/a85e2550-c4a5-4d50-9889-b932f5262257/resorts_desktop_120x120_white.png

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f9392bfe29ae4a6b417d8d07f0e2b63a02c3336d061ba2214af8abe58f12877

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: MISS
last-modified: Mon, 23 Mar 2020 09:41:35 GMT
server: cloudflare
etag: "5e78844f-f29"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba492e5e39df-FRA
content-length: 3881
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 btn_signIn.png
www.resortscasino.com/static/images/casinoresorts/ 1 KB
1 KB 377ms
376ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/static/images/casinoresorts/btn_signIn.png

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bacdb548e164cf35287770db84873bbb8d2da7f85a04fb4ba9c8b692d773fd1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 08:16:57 GMT
server: cloudflare
etag: "63f720f9-4af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba492e5f39df-FRA
content-length: 1199
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 resorts_arctic_express_gutters_left.png
www.resortscasino.com/media/filer_public/57/a5/57a5ed51-bd62-4834-bcba-38119e8854a8/ 175 KB
175 KB 612ms
611ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/57/a5/57a5ed51-bd62-4834-bcba-38119e8854a8/resorts_arctic_express_gutters_left.png

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66500550e48a6abc5bd9c051226c62135d6d142e7464d3c19d7990746291920a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: MISS
last-modified: Fri, 29 Dec 2023 14:50:42 GMT
server: cloudflare
etag: "658edcc2-2bbd0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba492e6239df-FRA
content-length: 179152
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 bullet.png
www.resortscasino.com/static/images/casinoresorts/ 1 KB
1 KB 378ms
377ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/static/images/casinoresorts/bullet.png

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

78ccfe8d43da22a6308bba19d9ebe39f0c6cdaedeaeed7f4df7a3f1d2f0d6241

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 08:16:57 GMT
server: cloudflare
etag: "63f720f9-4fb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba492e6339df-FRA
content-length: 1275
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 resorts_arctic_express_gutters_right.png
www.resortscasino.com/media/filer_public/b8/37/b837fb0f-812a-4684-814f-9d8c4998e8fa/ 177 KB
178 KB 541ms
541ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/b8/37/b837fb0f-812a-4684-814f-9d8c4998e8fa/resorts_arctic_express_gutters_right.png

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b213373c49a311f1200af0708d87166b94db6fae492576dc4b8cd7519dce3b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: MISS
last-modified: Fri, 29 Dec 2023 14:50:43 GMT
server: cloudflare
etag: "658edcc3-2c52b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba492e6639df-FRA
content-length: 181547
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 main.min.js Show response
www.resortscasino.com/static/javascripts/compiled/casinoresorts/ 1 MB
335 KB 33ms
32ms Script
application/javascript 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb8032c6d54e10e902616320a7214dbf15a76b71358b328e8e3c450eb99f332c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 08:16:57 GMT
server: cloudflare
age: 330422
etag: W/"63f720f9-170358"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 842aba496e8839df-FRA
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 brwr_resorts_nj.js Show response
www.resortscasino.com/static_builds/brand-wrapper/ 2 MB
523 KB 35ms
35ms Script
application/javascript 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d14974aac0633678cfb9d8c21bae04a1616d7f225bdfa4b5fca75e17f49ef7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 08:49:20 GMT
server: cloudflare
age: 330421
etag: W/"63f72890-1df2bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 842aba496e8a39df-FRA
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 341 KB
108 KB 44ms
43ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2ce126bac21a255b2d16aa93eac7b5609e149832ef3c1fc5beaa7735e7dc336b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110567
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 06:47:14 GMT

GET
H2 200 i.js Show response
tag.bounceexchange.com/1338/ 18 B
249 B 97ms
20ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/1338/i.js
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aec10ed4786a967d972236584c6925194567c19572110d64e2ea63b727c529b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 22:28:36 GMT
via: 1.1 google
server: istio-envoy
age: 29918
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
x-envoy-upstream-service-time: 0
x-region: us-central1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1559287/ 66 KB
20 KB 73ms
22ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1559287/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ba29f9f342c18191f7170127613f80ae12418f65fea4aa4844fff528862c845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: otdv.dckOtDdCf0ucNXXMp3ut128D2OR
content-encoding: gzip
via: 1.1 varnish
date: Tue, 09 Jan 2024 06:47:14 GMT
x-amz-request-id: 9FSAMM9YSW8AFK5C
age: 3681
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 20411
x-amz-id-2: KfgwQhCYx98OTNEHgJY9ofUr6WDAeUtBSUL62ujjCkDl9w2nhmkP7KscNamzkh7/EpCjzXFhXo0=
x-served-by: cache-fra-etou8220094-FRA
last-modified: Sun, 07 Jan 2024 12:07:45 GMT
server: AmazonS3
x-timer: S1704782834.249948,VS0,VE1
etag: "c18d1dcacd531dd6f12da27107112d31"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 53
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 65ms
20ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0e646639e6ae46b7ba1f54c1f5a853464391a41964a045adc61cd0f3b647c331

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 06:47:14 GMT
content-md5: ykgw4hzYI4cx2N7qlz3cqA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2165
reporting-endpoints
x-fb-debug: CdyO3C1qq1cD57hyWzf4Sb9dgZG+vud5uDKmFqTPSoj4TWC0yNFipeA6lzOn9HLDqXbWSXnZQobqhKtc+SWFeA==
x-fb-content-md5: ddadea1b1fae0c09e95082c01175dc41
cross-origin-opener-policy: same-origin-allow-popups
etag: "b33e8a08e8b72d9bc3ff4d525fe438a3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 09 Jan 2024 07:04:02 GMT

GET
H2 200 hotjar-88150.js Show response
static.hotjar.com/c/ 9 KB
4 KB 71ms
21ms Script
application/javascript 18.154.63.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-88150.js?sv=5

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.154.63.87 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-154-63-87.dus51.r.cloudfront.net

Software

Resource Hash

a231e0c02ad917ff91617656d5c03d1bec42c77d8a99a5494e7480e628b2a486

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 06:47:12 GMT
via: 1.1 0c2e3c68974911a31f9fdb2f3522c7d0.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P4
age: 2
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/8e1a5e00c3a881ce93faaf9240f18b78
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: BUK9jgZqabu1acNMnU7mqOmRW-23p3PYQtpYfl5HjzEh2sVG-hE37g==

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=5150196&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5150196%26t%3D1

212 B
1 KB

37ms
37ms

Script
application/javascript

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5150196%26t%3D1

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

f76ba93a0ba83b8293fec79374fba39a5b44bbafe99ea2b5e97f067e87dc7c55

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
an-x-request-uuid: 914d5865-c5f5-4fea-9648-502f188d47dc
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 212
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
an-x-request-uuid: 673e6549-901a-4ee0-8d18-7c4514fd50b4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5150196%26t%3D1
x-proxy-origin: 217.114.218.23; 217.114.218.23; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 77ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=01306d6b-d2d3-43d8-96ad-c30435828788

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Y5X5GZE4HHG839TQ
age: 58
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: RM/Xac5Ym6vCMgnmpw9hjjs3KfZK3vW5efXyKCw7LBOUVq20xYHf3f8s4U7Ck3vb4ECb2EVGf+z9D+kU2IvFFQ==
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PtMrFI0Cb0vJT2%2Ffy5K%2F4O9%2BfpLxkcEejJ%2BxJ4rQaeoArGLXw0BhGQS%2BmnaOFFPoAaupf1606VlRJ8DJJgt5jYD4fvLWiV5HVpKuVE%2F55QrAJP8WuixovWnXjyGKS4Fd21Leokw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 842aba4a0a45bb35-FRA

GET
H2 200 sdk-v1.0.1.js Show response
sdk-cdn.optimove.net/websdk/ 57 KB
11 KB 167ms
122ms Script
text/plain 35.201.79.141
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.1.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.79.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 141.79.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c07a1ff7aa4100e7246ce4a9c8b633648ec12addd93fcf1a51a5c728d5dadb0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPols7QDsa3ncRqH1qk0kpKmqbKR2jkjDl73s4kuvAKzhKihAcYyH3wSw9xcmydd1AhDr6krJNH7
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10289
last-modified: Tue, 20 Feb 2018 16:00:45 GMT
server: UploadServer
etag: "44853453876eb39299f8bc18fc6da402"
x-goog-hash: crc32c=av1Aag==, md5=RIU0U4dus5KZ+LwY/G2kAg==
x-goog-generation: 1519142445437909
content-language: en
content-type: text/plain
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 10289
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 34ms
33ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-822849185

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3b8f402ebf10aae3cc02f5202328110626c2c9e741467d35495fb93df65348ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73363
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 06:47:14 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-562.tvsquared.com/piwik/ 20 KB
9 KB 488ms
114ms Script
application/javascript 3.136.125.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-562.tvsquared.com/piwik/tv2track.js
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.125.130 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-125-130.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:47:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 13:50:22 GMT
Server: nginx
ETag: "6542579e-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Tue, 09 Jan 2024 06:57:14 GMT

GET 288
datplus.springserve.com/px/tag/ 0
0

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 80ms
29ms Script
text/javascript 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Jan 2024 21:48:56 GMT
server: cloudflare
age: 291493
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 842aba4a185a8ff8-FRA
alt-svc: h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H/1.1 200
OK otherlevels.js Show response
cdn.otherlevels.com/js-sdk/ 126 KB
37 KB 124ms
22ms Script
application/javascript 108.157.4.86
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=91bbf7114c10a0b186796a4a633fc98e
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-86.dus51.r.cloudfront.net
Software: /
Resource Hash: 1286879e461d713585a76ee3e422d862060c3bfda30097e242660ddfb084aa1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:47:12 GMT
Content-Encoding: gzip
Via: 1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P2
Age: 2
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=172800
Connection: keep-alive
Content-Length: 37797
X-Amz-Cf-Id: O7pU1eegeZocPmDlA9jMj1YeOeVikEeghgD7mbJDEBYpm_AgxIbbyg==

GET
H2 204 5c473dd579fbec000cb6f3d7 Show response
go.affec.tv/j/ 0
231 B 187ms
45ms Script
text/plain 54.194.142.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/j/5c473dd579fbec000cb6f3d7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.142.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-142-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 04 Apr 1990 00:00:00 GMT
date: Tue, 09 Jan 2024 06:47:14 GMT
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=16909360&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16909360%26t%3D1

0
975 B

37ms
37ms

Script
application/javascript

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16909360%26t%3D1

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
an-x-request-uuid: 751fe694-a3bf-4d72-b44e-0940e5450567
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
an-x-request-uuid: 160c409b-360d-45f3-872b-c49409a1685b
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D16909360%26t%3D1
x-proxy-origin: 217.114.218.23; 217.114.218.23; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 156ms
26ms Script
application/javascript 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Tue, 09 Jan 2024 06:25:21 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: VMCH5NSRFDYC2JZ8
age: 1314
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: dDUsAzmzKndAc+ybjHTg3Ny0mH8UekME06frnjvGXetmtixAwRNssT1mg4ea69uj1HlI7nWyO98=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

118ms
29ms

Script
application/javascript

37.157.5.71
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: H2
Server: 37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000aa4f78c365c7aee5-00646c8ee1-32957f68-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 09 Jan 2024 06:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 24133590-8dea-013b-adc3-0cc47abd0334 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 155ms
27ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/24133590-8dea-013b-adc3-0cc47abd0334
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 981e9dbd0169453bdef25e3118a3fe7b6b3d8f5b646da2439214fc5f0aa1d077

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F6ia9KBg0P4qKOtQz83B
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 mark
trc.taboola.com/1559287/log/3/ 0
286 B 39ms
30ms Image
image/gif 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1559287/log/3/mark?marking-type=External&item-url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&gtmcb=1387413786
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Tue, 09 Jan 2024 06:47:14 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7309
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220094-FRA
pragma: no-cache
server: nginx
x-timer: S1704782834.304099,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

204

sync
cm.smadex.com/
Redirect Chain

https://geo-tracker.smadex.com/hyperad/pixel-tracking?order=110876&action=homepage&rand=1079234885
https://cm.smadex.com/match?sm_r=dc
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=K1RaT25LNXdTQ2lXdklkenZzbHNidz09&sm_p=dc
https://cm.smadex.com/sync?sm_p=dc

0
302 B

114ms
114ms

Image
text/plain

18.66.248.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.smadex.com/sync?sm_p=dc
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: H2
Server: 18.66.248.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-94.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
via: 1.1 5e696cef0c57cc6cd171bf72fe757bf4.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: XZPXgk0w8dRGq6qJvbRgVnEBhrenWcT7MVUR3ACSBrnx8bO-n1Dmmg==
x-cache: Miss from cloudfront

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.smadex.com/sync?sm_p=dc
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 231
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 badge.gif
static.getclicky.com/media/links/ 241 B
404 B 28ms
28ms Image
image/gif 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getclicky.com/media/links/badge.gif
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 16 Jan 2024 06:47:14 GMT
date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Apr 2016 00:13:35 GMT
server: cloudflare
age: 291470
etag: "570d8f2f-f1"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 842aba4a989a8ff8-FRA
alt-svc: h3=":443"; ma=86400
content-length: 241
x-proxy-cache: MISS

GET
H2 200 / Show response
www.resortscasino.com/api/constance/ 559 B
465 B 158ms
158ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/constance/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b383920bd7e1d8a93b2eefa47b5f8dde56ff0f8db69d414da5c14eba7cc8066

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/constance/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws001
cf-ray: 842aba4a2ef839df-FRA

GET
H2 200 / Show response
www.resortscasino.com/api/events/geolocation/ 334 B
235 B 410ms
409ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/events/geolocation/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34fe5baf32720c554475c55bd1505cf5e84783c4456ce67c65aa43607508c4ca

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/events/geolocation/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws003
cf-ray: 842aba4a3efc39df-FRA

GET
H2 200 / Show response
www.resortscasino.com/api/events/session-extension/ 247 B
355 B 408ms
408ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/events/session-extension/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcbad34cb83db532affa31ba77436a63686936eb43376880022152a58bd9cf45

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/events/session-extension/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws002
cf-ray: 842aba4a3eff39df-FRA

GET
H2 200 / Show response
www.resortscasino.com/api/translations/en/ 228 KB
38 KB 518ms
518ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/translations/en/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04208ea43b2b51c5a05863fdb5f4c248125040d4cbb9deed84e2b3a557e6ebda

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/translations/en/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws002
cf-ray: 842aba4a3f0039df-FRA

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 74ms
20ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 05:22:27 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5087
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jan 2024 07:22:27 GMT

POST
H2 200 / Show response
www.resortscasino.com/common/log/ 40 B
127 B 427ms
426ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/common/log/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1cb57eab48e93e07eaa3e64ff0cc810c1cdd27a7534008efcb81f0712115cb8

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
accept-language: de-DE,de;q=0.9
X-CSRFToken: e8xFUKccXlZ0r46726CZM7y5MRbQGsDxob2ZkOgA4TvxnTfRolMjjogrZLWr8PCu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS
vary: Accept-Language, Cookie
content-language: en
x-url: /common/log/
content-type: application/json
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-whom: n03p110xwpws001
cf-ray: 842aba4adf5639df-FRA
content-length: 40

GET
H2 200 / Show response
www.resortscasino.com/api/translations//en/bonuscodes,account,two_factor_auth/ 20 KB
5 KB 418ms
417ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/translations//en/bonuscodes,account,two_factor_auth/?output_format=react

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10ac8e6f76747c1475e8d310c109e553207bde8f24601414b26845fe525606e

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
accept-language: de-DE,de;q=0.9
X-CSRFToken: e8xFUKccXlZ0r46726CZM7y5MRbQGsDxob2ZkOgA4TvxnTfRolMjjogrZLWr8PCu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/translations/en/bonuscodes,account,two_factor_auth/?output_format=react
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws004
cf-ray: 842aba4adf5839df-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 107ms
61ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FQ0H43EGGW&gtm=45je4130v881813852z871005047&_p=1704782834039&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1360956274.1704782834&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704782834&sct=1&seg=0&dl=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&dt=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2135
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
258 B 81ms
27ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FQ0H43EGGW&cid=1360956274.1704782834&gtm=45je4130v881813852z871005047&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 26ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K0JNZQ9WRQ&gtm=45je4130v881813852z871005047&_p=1704782834039&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1360956274.1704782834&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704782834&sct=1&seg=0&dl=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&dt=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&en=page_view&_fv=1&_ss=1&tfd=2137
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721005222/ 3 KB
1 KB 108ms
61ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721005222/?random=1704782834391&cv=11&fst=1704782834391&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&hn=www.googleadservices.com&frm=0&tiba=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&auid=808874443.1704782834&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3fa0bd83d19c098e0b6af35bedb2a1537b3a296f43b6a9b0807196a675a35c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1322
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957670763/ 3 KB
2 KB 86ms
61ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957670763/?random=1704782834396&cv=11&fst=1704782834396&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&hn=www.googleadservices.com&frm=0&tiba=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&auid=808874443.1704782834&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7e0ede8b7e6f46b73a4687c149e26d79e97366305fdc033ce10955ff2116a6dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1321
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 80ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FQ0H43EGGW&cid=1360956274.1704782834&gtm=45je4130v881813852z871005047&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=550020288

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 61ms
20ms Image
text/plain 2a03:2880:f177:185:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1376853382613673&ev=PixelInitialized&dl=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&rl=&if=false&ts=1704782834404

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:185:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 Jan 2024 06:47:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 modules.abdef350bc65bc59cb61.js Show response
script.hotjar.com/ 220 KB
55 KB 92ms
26ms Script
application/javascript 18.173.233.14
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.abdef350bc65bc59cb61.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-88150.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.233.14 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-233-14.dus51.r.cloudfront.net

Software

Resource Hash

5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 9de95acefc7f3768292e6951facd4ecc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
age: 72548
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55659
last-modified: Mon, 08 Jan 2024 10:37:27 GMT
etag: "80c44d9c04a527e3fdaa01818eb305c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: jtkCLFdAGqx6MJbSp-OXFypgVhuYYIIn05DlmyuaFubpLXv0Vo4hug==

GET
H2 200 json Show response
trc.taboola.com/1559287/trc/3/ 2 KB
1 KB 44ms
43ms Script
application/javascript 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1559287/trc/3/json?tim=1704782834441&data=%7B%22id%22%3A37%2C%22ii%22%3A%22%2Fp%2Fvip-20%2Fexclusive%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704782834438%2C%22cv%22%3A%2220240107-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F%3F%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-cmcnallyresortsaccom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704782834441%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1559287/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 764a4fb3b4d97d4e4831bcb12331dc3f556aaae7e7824dd845b99e31f05f36ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 23
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.1946875
x-fastly-to-nlb-rtt: 7227
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220094-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1704782834.494122,VS0,VE23
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 seg Show response
secure.adnxs.com/ 0
973 B 36ms
35ms Script
application/javascript 185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=5150224&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
an-x-request-uuid: 1c090d10-a152-4d43-b29c-117e0505e016
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.23; 217.114.218.23; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 01306d6b-d2d3-43d8-96ad-c30435828788 Show response
ekr.zdassets.com/compose/ 2 KB
2 KB 243ms
193ms Fetch
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/01306d6b-d2d3-43d8-96ad-c30435828788

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=01306d6b-d2d3-43d8-96ad-c30435828788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d232a0ad874c69bd4a9f24dd74f4576f14b64dae289cd7eb759c802191e633

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8308fa600e4c32d3-SEA, 8308fa600e4c32d3-SEA
x-runtime: 0.013541
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"33d232a0ad874c69bd4a9f24dd74f457"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DjvvROOIo%2FMRLblV30%2B3Gi%2BsMW5tGxXwT9Ud%2FZ1U5SRpTB%2FdvLO8uuHZoN%2BtjLseaEiIw3U7tNkw36hTBrAPH8%2FQmmj%2B6sHguO%2B2mOJ4cd9ZNm9X9oihx1hhBwQHOe46arQ%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 842aba4bab6d37fc-FRA

GET
H2 200 1.0.0.js Show response
sdk-cdn.optimove.net/webconfig/b59812a64cbe7437124258f7a920b24066caf9e8d471bf66e05459e3923e5d03/ 4 KB
1 KB 122ms
121ms Script
application/javascript 35.201.79.141
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-cdn.optimove.net/webconfig/b59812a64cbe7437124258f7a920b24066caf9e8d471bf66e05459e3923e5d03/1.0.0.js
Requested by: Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.79.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 141.79.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6a393fa0deff75c761b596183b83ecfb6aecbd3788c298130073a1b98cd91585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPpyhWbLMXPLKdTOdY3XZn3o3cHnLGX8FHNPOQHyAc0MPbVk1aJKGstNVR9rRppYWq7vMbdr0FRB
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 804
last-modified: Tue, 07 Mar 2023 13:02:55 GMT
server: UploadServer
etag: "6e1f27120f3f432e715a6b5559027dbb"
vary: Accept-Encoding
x-goog-hash: crc32c=mWa5mQ==, md5=bh8nEg8/Qy5xWmtVWQJ9uw==
x-goog-generation: 1678194174963202
content-language: en
content-type: application/javascript
cache-control: public,max-age=300
x-goog-stored-content-length: 804
accept-ranges: bytes

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/822849185/ 3 KB
1 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822849185/?random=1704782834458&cv=11&fst=1704782834458&bg=ffffff&guid=ON&async=1&gtm=45be4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&hn=www.googleadservices.com&frm=0&tiba=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&auid=808874443.1704782834&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-822849185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a79af71f49dab5b1f8a753260a92388dd2f4a49f8dfa6536a1559551b79d79fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1302
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 10076868.json Show response
s.yimg.com/wi/config/ 2 B
463 B 76ms
26ms XHR
application/json 2a00:1288:80:807::1
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10076868.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::1 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 09 Jan 2024 06:47:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ARFM8TWE2HCG1YDS
age: 2
content-length: 2
x-amz-id-2: 6pC69eMHClXXpgozU80xQ62DyVaqt4yXyijsdkcNj4tneiUWLAKKfEaTqftIziUsTW69XAUrreA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 27ms
26ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1713516588&t=pageview&_s=1&dl=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&ul=en-us&de=UTF-8&dt=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=697787512&gjid=627384533&cid=1360956274.1704782834&tid=UA-59913499-1&_gid=1932871158.1704782834&_r=1&_slc=1&gtm=45He4130n71NLM93Xv71005047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=22311178

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.resortscasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content session
js-api.otherlevels.com/0.8/ Frame 0
0 769ms
187ms Preflight 34.215.99.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-api.otherlevels.com/0.8/session

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.99.216 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-99-216.us-west-2.compute.amazonaws.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.resortscasino.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Date: Tue, 09 Jan 2024 06:47:15 GMT
Server: Tengine
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK session Show response
js-api.otherlevels.com/0.8/ 3 B
816 B 192ms
192ms XHR
text/plain 34.215.99.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-api.otherlevels.com/0.8/session

Requested by

Host: cdn.otherlevels.com
URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=91bbf7114c10a0b186796a4a633fc98e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.99.216 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-99-216.us-west-2.compute.amazonaws.com

Software

Tengine /

Resource Hash

9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.resortscasino.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 09 Jan 2024 06:47:15 GMT
X-Content-Type-Options: nosniff, nosniff
Connection: keep-alive
Content-Length: 3
X-XSS-Protection: 1; mode=block, 1; mode=block
X-Request-Id: sdkapi-f824a482-0bb6-4092-818b-43be17d2f488
Pragma: no-cache;
Server: Tengine
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-Id
Cache-Control: no-store, must-revalidate, no-cache, max-age=0;
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Expires: Mon, 01 Jan 0001 00:00:00 GMT;

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 28ms
28ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-59913499-1&cid=1360956274.1704782834&jid=697787512&gjid=627384533&_gid=1932871158.1704782834&_u=YADAAAAAAAAAAC~&z=1081198489

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.resortscasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/957670763/ 42 B
108 B 79ms
33ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957670763/?random=1704782834396&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&frm=0&tiba=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_FzHI2cUrhzlpMBUN2cFlI4zd6gVWqw&random=1959188100&rmt_tld=0&ipr=y

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957670763/ 42 B
154 B 32ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957670763/?random=1704782834396&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&frm=0&tiba=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_FzHI2cUrhzlpMBUN2cFlI4zd6gVWqw&random=1959188100&rmt_tld=1&ipr=y

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/721005222/ 42 B
154 B 77ms
32ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721005222/?random=1704782834391&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&frm=0&tiba=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_uxLXs_ZQaffXwPRREaIVxp9mV8VVEA&random=3188087149&rmt_tld=0&ipr=y

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/721005222/ 42 B
108 B 33ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/721005222/?random=1704782834391&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&frm=0&tiba=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_uxLXs_ZQaffXwPRREaIVxp9mV8VVEA&random=3188087149&rmt_tld=1&ipr=y

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/822849185/ 42 B
108 B 79ms
34ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/822849185/?random=1704782834458&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45be4130&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&frm=0&tiba=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_rTaSH8C8uEfazsX-lSeLn8TZzzIqXA&random=2693437320&rmt_tld=0&ipr=y

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/822849185/ 42 B
108 B 34ms
34ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/822849185/?random=1704782834458&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45be4130&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&frm=0&tiba=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_rTaSH8C8uEfazsX-lSeLn8TZzzIqXA&random=2693437320&rmt_tld=1&ipr=y

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
631 B 148ms
48ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2009%20Jan%202024%2006%3A47%3A14%20GMT&n=-1&b=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&.yp=10076868&f=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jan 2024 06:47:14 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 48ms
31ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-59913499-1&cid=1360956274.1704782834&jid=697787512&_u=YADAAAAAAAAAAC~&z=663359109

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-59913499-1&cid=1360956274.1704782834&jid=697787512&_u=YADAAAAAAAAAAC~&z=663359109

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 404 piwik.js
resortactracksdk.optimove.net/ 0
0 257ms
165ms Script
text/html 107.154.132.121
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://resortactracksdk.optimove.net/piwik.js
Requested by: Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.121.ip.incapdns.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 in.php Show response
in.getclicky.com/ 98 B
259 B 191ms
184ms Script
text/javascript 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101132698&href=%2Fp%2Fvip-20%2Fexclusive%2F&title=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&res=1600x1200&lang=en-US&tz=Europe%2FBerlin&tc=&ck=1&x=br341j
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066ecc231bdde1a2949331b7218f0b49fd09905886f44d54201e6b50be569f6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 842aba4c999b8ff8-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK piwik.php
collector-562.tvsquared.com/piwik/ 42 B
276 B 113ms
113ms Image
image/gif 3.136.125.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-562.tvsquared.com/piwik/piwik.php?action_name=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&idsite=TV-453672-1&rec=1&r=162480&h=7&m=47&s=14&url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&_id=c4f38a441ab214fc&_idts=1704782835&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=698
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.125.130 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-125-130.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Tue, 09 Jan 2024 06:47:14 GMT
Server: nginx
Connection: keep-alive
Request-Id: 060f6da5-d688-4cad-a8ab-0037540eaf26
Content-Length: 42
Content-Type: image/gif

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 93BE 923 KB
265 KB 40ms
39ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=01306d6b-d2d3-43d8-96ad-c30435828788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
x-amz-version-id: PAflfXOdiQDrMRVYun69YoketTkl1xNU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPBW7W4HNMQNRZQ
age: 3038297
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"6f8511a72c96db8b22e6373718b842ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=27FaWqgV1%2BcWuZgiLrhZe7VF8hhuYW6xwAgJuKuX5mFcJxn%2BPrF0e7Cj%2B8HqpovlBg5a7vAHhVJy5Jd3ugiZP9hHguCfJ3ZL09F2h17vvOs7CllfYlfu81HFj8Jr8vr9XmdkUYg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba4cec50bb35-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=295618873029&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&Set1=en...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=295618873029&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&Se...

110 B
714 B

106ms
106ms

Script
text/javascript

185.167.164.43
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=295618873029&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/p/vip-20/exclusive/

Protocol

Server

185.167.164.43 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9741f6dbbed8620d7a1e1af61d4b31a3ae6dda8c1f4ca48cd6dec5a776d065f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 185
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=295618873029&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 93BE 25 KB
6 KB 29ms
29ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
x-amz-version-id: Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPFGS4SBCJ216KA
age: 3038294
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE=
last-modified: Tue, 05 Dec 2023 00:24:12 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TIeYdqgCqwWjy13NDDYISvesDnzbFNfETPzr5g%2F7iJWmf5m6ms4pKazHDQLcrDHQWznrkCi5tFkDoBaAP7P0FF4ZnV7NbPU6QIHmBg4FOUB3b6PGZFDJ6YFfLkBlqHcHaFa0Sz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba4dfcddbb35-FRA
expires: Wed, 04 Dec 2024 00:24:11 GMT

GET
H2 200 config Show response
resorts.zendesk.com/embeddable/ Frame 93BE 1 KB
1 KB 276ms
212ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resorts.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0802818040a298f240cc7a1dd6bf398b19981a52a6fa113eb7f8d058ef68128

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-868b474749-qxlh6
x-cached: MISS
x-request-id: 842aba4e5d211c11-FRA
x-runtime: 0.002598
last-modified: Tue, 09 Jan 2024 03:01:59 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1nEd23lyOnJ5SapRspptjDnA7cIrjBKNutLdIdW0FKRhymPvExbTPcv1OVZexoUpu5W1j%2F4Xkgl9Vh291XgDg8nx4rgWZBxssdObrUy%2BeyzeeG6K0aUgTwcNC%2BFWGe6%2Fuy5drmk%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 842aba4e5d211c11-FRA

GET
H2 200 / Show response
www.resortscasino.com/api/v2/promotions/categories/ 2 B
110 B 163ms
162ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/v2/promotions/categories/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
accept-language: de-DE,de;q=0.9
X-CSRFToken: e8xFUKccXlZ0r46726CZM7y5MRbQGsDxob2ZkOgA4TvxnTfRolMjjogrZLWr8PCu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: GET, HEAD, OPTIONS
vary: Accept-Language, Cookie
content-language: en
x-url: /api/v2/promotions/categories/
content-type: application/json
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-whom: n03p110xwpws002
cf-ray: 842aba4e19cd39df-FRA
content-length: 2

GET
H2 200 / Show response
www.resortscasino.com/api/translations//en/loyalty/ 2 KB
1 KB 163ms
163ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/translations//en/loyalty/?output_format=react

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c7cc1a1ae1e5c52e53c169b3038a4b7ca0a207df0193b349ef9e4661756d1f

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
accept-language: de-DE,de;q=0.9
X-CSRFToken: e8xFUKccXlZ0r46726CZM7y5MRbQGsDxob2ZkOgA4TvxnTfRolMjjogrZLWr8PCu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/translations/en/loyalty/?output_format=react
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws002
cf-ray: 842aba4e19cf39df-FRA

GET
H2 200 web-widget-chat-sdk-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 93BE 202 KB
51 KB 31ms
31ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
x-amz-version-id: TdcYv88Lf5u9m3AG8eAA2HBmnexgob8V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 0X24BSPSV39D8D28
age: 3038292
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 1eGND/GjxrlQxia9pWdTTwHT8UuCrrKDdbJzZuma1/VkfAY1PcOzD5FH1w1FjTJn2c8rVgJg5Po=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W8IGGbBMNKV3y4fpi9lJFHham6kk5Sa5u1GiZ8BDPDcHClbZRP8ZtYTIoWQsLoetE6vV2Eln4Q5iqzWgb5eUocGo%2BcyriGPXY84OmTR0p8SsEsrl27Qubq0NsVdTCuFJghbMaBE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba4e2cf8bb35-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 200 status Show response
resorts.zendesk.com/talk_embeddables_service/web/ Frame 93BE 95 B
1 KB 233ms
203ms XHR
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://resorts.zendesk.com/talk_embeddables_service/web/status?subdomain=resorts&nickname=Resorts

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a8a584c850b3d65d4184b1111932560a757f12cd689f5441170c07c3975e6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-request-id: 842aba4e5d231c11-FRA
server: cloudflare
etag: W/"5f-8F4IBxNf7WRaSJWu3d5CFCBloLA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 499
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iln6mWun67ELYhmiJBQ7CM5AR9aA5UUoaSRQvmWn2LltZfJAqkZHOQmUjL8lRXbIdnRrPtDY4mkFqNKZksxNZgzKLGmL8d5PYar2zqHpiyqRvrBdRjV0LJ9xPjKGP2J1oL6EceM%3D"}],"group":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-ratelimit-reset: 1704782837
x-ratelimit-limit: 500
cf-ray: 842aba4e5d231c11-FRA

GET
H2 200 p Show response
i.simpli.fi/ 798 B
762 B 35ms
27ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=408539&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/24133590-8dea-013b-adc3-0cc47abd0334
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 04d27094ded8e40ea532d4c8622789272e4e73bcb74dbc7c7f442c0d530c8526

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 / Show response
www.resortscasino.com/common/endpoint/ 143 B
221 B 162ms
162ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/common/endpoint/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5415326eeb1895aa8b63ba1199e43c5d16b54c3c22ef286e4a46f603121eec8b

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.resortscasino.com/p/vip-20/exclusive/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-CSRFToken: e8xFUKccXlZ0r46726CZM7y5MRbQGsDxob2ZkOgA4TvxnTfRolMjjogrZLWr8PCu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: POST, OPTIONS
content-language: en
x-url: /common/endpoint/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws003
cf-ray: 842aba4f4ab039df-FRA

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=8D8DDD8D220547F3AD952818C9149EC5

0
237 B

81ms
37ms

Image
text/plain

2600:9000:224a:2800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=8D8DDD8D220547F3AD952818C9149EC5
Protocol: H2
Server: 2600:9000:224a:2800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
cache-control: no-cache, must-revalidate
via: 1.1 09211df9a08903bbbc04e39ab4e6f300.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: lLqH9fO-GV4k_apjqz96bDvCscfVoVQhGfNADFO_U4BhSkfvaBsQHQ==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

RX-54be7896-b0f8-455a-8f91-239d47d27996-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/8D8DDD8D220547F3AD952818C9149EC5
https://sync.1rx.io/usersync/simplifi/8D8DDD8D220547F3AD952818C9149EC5?zcc=1&cb=1704782835271
https://sync.targeting.unrulymedia.com/csync/RX-54be7896-b0f8-455a-8f91-239d47d27996-003

43 B
378 B

99ms
25ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-54be7896-b0f8-455a-8f91-239d47d27996-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-54be7896-b0f8-455a-8f91-239d47d27996-003
pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=8D8DDD8D220547F3AD952818C9149EC5&dongle=yf3

37 B
140 B

67ms
21ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=8D8DDD8D220547F3AD952818C9149EC5&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=8D8DDD8D220547F3AD952818C9149EC5&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=8D8DDD8D220547F3AD952818C9149EC5

43 B
175 B

359ms
111ms

Image
image/gif

2600:1f18:612b:4200:cf3b:d950:bab4:515a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=8D8DDD8D220547F3AD952818C9149EC5
Protocol: H2
Server: 2600:1f18:612b:4200:cf3b:d950:bab4:515a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 09 Jan 2024 06:47:15 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=8D8DDD8D220547F3AD952818C9149EC5
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=8D8DDD8D220547F3AD952818C9149EC5

95 B
427 B

31ms
31ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=8D8DDD8D220547F3AD952818C9149EC5

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=8D8DDD8D220547F3AD952818C9149EC5
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=8D8DDD8D220547F3AD952818C9149EC5
https://d.agkn.com/pixel/10751/?che=1704782835266&ip=217.114.218.23&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216873104756000529670
https://um.simpli.fi/aa_px?sk=216873104756000529670
https://um.simpli.fi/empty.gif

43 B
361 B

26ms
26ms

Image
image/gif

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8D8DDD8D220547F3AD952818C9149EC5

0
0

113ms
18ms

Image
text/html

18.245.60.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8D8DDD8D220547F3AD952818C9149EC5
Protocol: H2
Server: 18.245.60.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-10.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 30ms
29ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 31ms
30ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=8D8DDD8D220547F3AD952818C9149EC5;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=8D8DDD8D220547F3AD952818C9149EC5;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NDAwMzMzNTkxNjIzNDAzNDMxMg==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEEVKyi6B4V_rKuF17uw-hSU&google_cver=1

43 B
380 B

39ms
31ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEEVKyi6B4V_rKuF17uw-hSU&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEEVKyi6B4V_rKuF17uw-hSU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=8D8DDD8D220547F3AD952818C9149EC5&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=8D8DDD8D220547F3AD952818C9149EC5&j=0&xl8blockcheck=1

0
767 B

50ms
50ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=8D8DDD8D220547F3AD952818C9149EC5&j=0&xl8blockcheck=1
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=8D8DDD8D220547F3AD952818C9149EC5&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 32ms
31ms Image
image/gif 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=8D8DDD8D220547F3AD952818C9149EC5

0
421 B

482ms
111ms

Image
text/plain

52.44.250.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=8D8DDD8D220547F3AD952818C9149EC5
Protocol: HTTP/1.1
Server: 52.44.250.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-250-119.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 09 Jan 2024 06:47:15 GMT

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=8D8DDD8D220547F3AD952818C9149EC5

62 B
445 B

254ms
158ms

Image
image/gif

72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=8D8DDD8D220547F3AD952818C9149EC5
Protocol: H2
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 09 Jan 2024 06:47:15 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

404

tpid=8D8DDD8D220547F3AD952818C9149EC5
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=8D8DDD8D220547F3AD952818C9149EC5

49 B
265 B

142ms
45ms

Image
image/gif

54.171.10.251
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=8D8DDD8D220547F3AD952818C9149EC5
Protocol: H2
Server: 54.171.10.251 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-10-251.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.29.16
content-length: 49
expires: 0

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=8D8DDD8D220547F3AD952818C9149EC5

0
311 B

136ms
41ms

Image
text/plain

216.52.2.86
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=8D8DDD8D220547F3AD952818C9149EC5
Protocol: HTTP/1.1
Server: 216.52.2.86 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:15 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=8D8DDD8D220547F3AD952818C9149EC5

0
98 B

125ms
30ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=8D8DDD8D220547F3AD952818C9149EC5
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704782835041&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=379782023&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8...
https://www.google.com/pagead/1p-conversion/1026675585/?random=379782023&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqJK9-t...
https://www.google.de/pagead/1p-conversion/1026675585/?random=379782023&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqJK9-tr...

42 B
64 B

34ms
34ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=379782023&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqJK9-trPgwMVONE7Ah26NgJJ&is_vtc=1&ocp_id=8-ucZejMCrii78EPuu2IyAQ&cid=CAQSKQAvHhf_PBaHZZr-NDsfdPk3_fb7Lkux5tILs7bYQbrV0bXC1NN46_dS&random=1540791791&ipr=y

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=379782023&cv=7&fst=1704782835041&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIqJK9-trPgwMVONE7Ah26NgJJ&is_vtc=1&ocp_id=8-ucZejMCrii78EPuu2IyAQ&cid=CAQSKQAvHhf_PBaHZZr-NDsfdPk3_fb7Lkux5tILs7bYQbrV0bXC1NN46_dS&random=1540791791&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 33ms
32ms Image
text/plain 35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=8D8DDD8D220547F3AD952818C9149EC5

43 B
1012 B

37ms
36ms

Image
image/gif

185.89.210.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=8D8DDD8D220547F3AD952818C9149EC5

Protocol

Server

185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
an-x-request-uuid: 7bfec067-2395-47f4-8d14-899071eea142
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.23; 217.114.218.23; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=66&code=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8D8DDD8D220547F3AD952818C9149EC5&expires=365

0
239 B

134ms
20ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8D8DDD8D220547F3AD952818C9149EC5&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 1f4afaf10c6b5898421df1cdca3fc7f5
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=8D8DDD8D220547F3AD952818C9149EC5&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=8D8DDD8D220547F3AD952818C9149EC5

43 B
264 B

123ms
28ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=8D8DDD8D220547F3AD952818C9149EC5
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=8D8DDD8D220547F3AD952818C9149EC5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEEm8JC2g3OQaEQekhdb9CYk&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=8D8DDD8D220547F3AD952818C9149EC5
https://um.simpli.fi/g_match?id=

0
320 B

27ms
27ms

Image
text/plain

35.204.74.118
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

35.204.74.118 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

118.74.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 08 Jan 2024 06:47:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 fetch
js-content.otherlevels.com/91bbf7114c10a0b186796a4a633fc98e/@OL@c6aff3524641a4a596bdf0a729aa/interstitial/v2/ Frame 0
0 584ms
189ms Preflight 54.71.12.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-content.otherlevels.com/91bbf7114c10a0b186796a4a633fc98e/@OL@c6aff3524641a4a596bdf0a729aa/interstitial/v2/fetch?preload=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.12.84 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-12-84.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.resortscasino.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
date: Tue, 09 Jan 2024 06:47:15 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

POST
H2 200 fetch Show response
js-content.otherlevels.com/91bbf7114c10a0b186796a4a633fc98e/@OL@c6aff3524641a4a596bdf0a729aa/interstitial/v2/ 14 B
411 B 197ms
197ms XHR
application/json 54.71.12.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-content.otherlevels.com/91bbf7114c10a0b186796a4a633fc98e/@OL@c6aff3524641a4a596bdf0a729aa/interstitial/v2/fetch?preload=true

Requested by

Host: cdn.otherlevels.com
URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=91bbf7114c10a0b186796a4a633fc98e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.71.12.84 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-71-12-84.us-west-2.compute.amazonaws.com

Software

Resource Hash

15c53b41755b7dbbf631697798b043b1eb429674afb2580b605d468c7f8593b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.resortscasino.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
access-control-max-age: 86400
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
content-length: 14
x-xss-protection: 1; mode=block

GET
H2 200 web-widget-chat-incoming-message-notification-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 93BE 236 B
606 B 30ms
30ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
x-amz-version-id: vFeMRdO_ves3AqXqcJa51X.kBsGbKmeW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: A4N17FH4T4Q3T2FA
age: 3038289
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: jj3IJP8SG1qYvE4k5/yGOQQcVY1t9fS2FwFAUdl7K5931Xd3flm5WF8IJiZ/yy12ah/e+h8TsYA=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iAsiy2rVnO0goITXjrd5Au1cHfEKbp%2BgTEojeCYzRKVbiUr%2BmyoqOZM9hstQfy9CPTazDOM8dvlOao8idMT6N9V5tAVf9lUbuRq6Mv%2FE1StUqFQNN7rAbQskhYxVS1CsOnNvS1Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba52e822bb35-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 93BE 19 KB
20 KB 28ms
28ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
x-amz-version-id: Kl.biZfM8rz6re2aS0glnDheA8R9Dmfl
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: KH5VE2Z70ZGQ75A2
age: 2957888
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: LqweHRijvBdbgWotLxDeNcs9Lz6cG09nTN1pbS7TIlVP/kJbpnlLrkq/B74CU90UTxSTSp+E3xk=
last-modified: Wed, 29 Nov 2023 08:06:43 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ppkYA2WgrKZwl1qAGLhX39Ra3o%2B9zBl%2F970F7HcRxTLKVc8g6OFHOJnrSDdu6aeIslfjbnl%2BPjo15jzlLJYlHwJ%2FfkvGY%2BR4VWN9kiUduEAttVQyyP6FQM7w2W6Ai1vTaerBR7U%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba53184bbb35-FRA
expires: Thu, 28 Nov 2024 08:06:42 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1559287/log/3/ 0
251 B 96ms
25ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1559287/log/3/unip?en=pre_d_eng_tb&tos=1591&scd=0&ssd=1&est=1704782834440&ver=36&isls=true&src=i&invt=1500&msa=18&rv=1&tim=1704782836031&vi=1704782834438&ri=058729d7fa583c581cac44fb8cb2b2e1&ref=null&cv=20240107-6-RELEASE&item-url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1559287/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://www.resortscasino.com
pragma: no-cache
date: Tue, 09 Jan 2024 06:47:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 204 unip Show response
trc-events.taboola.com/1559287/log/3/ 0
250 B 27ms
27ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1559287/log/3/unip?en=pre_d_eng_tb&tos=4593&scd=0&ssd=1&est=1704782834440&ver=36&isls=true&src=i&invt=3000&msa=18&rv=1&tim=1704782839032&vi=1704782834438&ri=058729d7fa583c581cac44fb8cb2b2e1&ref=null&cv=20240107-6-RELEASE&item-url=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1559287/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://www.resortscasino.com
pragma: no-cache
date: Tue, 09 Jan 2024 06:47:19 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 27ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FQ0H43EGGW&gtm=45je4130v881813852&_p=1704782834039&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1360956274.1704782834&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704782834&sct=1&seg=0&dl=https%3A%2F%2Fwww.resortscasino.com%2Fp%2Fvip-20%2Fexclusive%2F&dt=VIP20-%20100%25%20up%20to%20%24500%20First%20Time%20Deposit%20-%20ResortsCasino.com&en=scroll&epn.percent_scrolled=90&_et=17&tfd=7153
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: datplus.springserve.com
URL: https://datplus.springserve.com/px/tag/288?

Verdicts & Comments Add Verdict or Comment

105 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

83 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.resortscasino.com/	1969-12-31 23:59:59	Name: LG_WEB_VW Value: casinoresorts
www.resortscasino.com/	1970-01-21 02:18:38	Name: LG_CU_INF Value: USD\|ResortsCasino\|ResortsCasino\|EN\|US\|\|0.0\|casinoresorts\|\|\|\|
www.resortscasino.com/	1970-01-20 18:16:14	Name: LG_FPG_TRK Value: "2024-01-09 06:47:13\|www.resortscasino.com\|/p/vip-20/exclusive/\|"
www.resortscasino.com/	1970-01-21 02:17:12	Name: csrftoken Value: e8xFUKccXlZ0r46726CZM7y5MRbQGsDxob2ZkOgA4TvxnTfRolMjjogrZLWr8PCu
www.resortscasino.com/	1969-12-31 23:59:59	Name: sessionid Value: llgd5pmyh82qax9c7m40sy6rjpn2x7fj
.resortscasino.com/	1970-01-20 17:33:04	Name: __cf_bm Value: CJchuA9T93AeGnMvpilj2OA8Ab4Paw80qm3ySmF16rE-1704782833-1-Aa1GYkGDa4RqE7h/UidPl4IxOuR1kEzCRfMloezATEKkhFCuuPEGsZXMy6o61OiPCgxKMW81TLIybTsXpU2Xyjo=
.resortscasino.com/	1969-12-31 23:59:59	Name: __cfruid Value: fbe9af3ce5ab4360065ca1280d708708f8f21517-1704782833
www.resortscasino.com/	1970-01-20 17:34:29	Name: DAPROPS Value: "sdevicePixelRatio:1\|bjs.deviceOrientation:0\|sdeviceAspectRatio:1600/1200\|sjs.webGlRenderer:Intel Iris OpenGL Engine\|sscreenWidthHeight:1600/1200\|srendererRef:02230601228\|saudioRef:4143271754\|sversion:1.9.1\|bE:0"
.resortscasino.com/	1970-01-20 19:42:38	Name: _gcl_au Value: 1.1.808874443.1704782834
.adnxs.com/	1970-01-20 19:42:38	Name: uuid2 Value: 4664063454641505535
www.resortscasino.com/	1969-12-31 23:59:59	Name: SG_CLI_FGPR Value: 3915540884
.resortscasino.com/	1970-01-21 03:09:02	Name: _ga_K0JNZQ9WRQ Value: GS1.1.1704782834.1.0.1704782834.0.0.0
.resortscasino.com/	1970-01-21 03:09:02	Name: _ga_FQ0H43EGGW Value: GS1.1.1704782834.1.0.1704782834.60.0.0
.smadex.com/	1970-01-21 02:11:26	Name: smxtrack Value: f9364e9c-ae70-4828-96bc-8773bec96c6f
.simpli.fi/	1970-01-21 02:20:05	Name: suid Value: 8D8DDD8D220547F3AD952818C9149EC5
.resortscasino.com/	1970-01-21 03:09:02	Name: ol-OL_Tracking_ID Value: @OL@c6aff3524641a4a596bdf0a729aa
.resortscasino.com/	1970-01-21 03:09:02	Name: ol-OL_LIB_INSTALL_TIME Value: 1704782834447
.resortscasino.com/	1970-01-21 03:09:02	Name: ol-OL_APP_CLEAN_INSTALL_TIME Value: 1704782834447
.resortscasino.com/	1970-01-21 03:09:02	Name: _ga Value: GA1.2.1360956274.1704782834
.resortscasino.com/	1970-01-20 17:34:29	Name: _gid Value: GA1.2.1932871158.1704782834
.resortscasino.com/	1970-01-20 17:33:02	Name: _gat_UA-59913499-1 Value: 1
.resortscasino.com/	1970-01-20 17:33:03	Name: ol-OL_Session_Id Value: 6c30d811-027f-4fc0-9630-3958ae8ea6c9
.resortscasino.com/	1970-01-20 17:33:03	Name: ol-OL_Phash Value:
.resortscasino.com/	1970-01-21 02:18:38	Name: _hjSessionUser_88150 Value: eyJpZCI6ImQwZGE5ZDQ0LTI5OTYtNWJiZi1hMGM5LTViODRlODk1MjBkOCIsImNyZWF0ZWQiOjE3MDQ3ODI4MzQ1OTQsImV4aXN0aW5nIjpmYWxzZX0=
.resortscasino.com/	1970-01-20 17:33:04	Name: _hjFirstSeen Value: 1
.resortscasino.com/	1970-01-20 17:33:04	Name: _hjIncludedInSessionSample_88150 Value: 0
.resortscasino.com/	1970-01-20 17:33:04	Name: _hjSession_88150 Value: eyJpZCI6IjVjODg0ODVkLTgwYjYtNDgzOS04MjUyLWQwNTczNzJmYWY5MSIsImMiOjE3MDQ3ODI4MzQ1OTUsInMiOjAsInIiOjAsInNiIjoxfQ==
.resortscasino.com/	1970-01-20 17:33:04	Name: _hjAbsoluteSessionInProgress Value: 0
.smadex.com/	1970-01-20 17:54:38	Name: smxdc Value: 1
www.resortscasino.com/	1970-01-21 03:09:02	Name: _tq_id.TV-453672-1.65ff Value: c4f38a441ab214fc.1704782835.0.1704782835..
.doubleclick.net/	1970-01-21 02:54:38	Name: IDE Value: AHWqTUnHXVN9-SbTfU5jMcU_10pCklHw3lwtgqdWjYDH02NX7DiPWK5SOaQdNVCLbLs
.yahoo.com/	1970-01-21 02:19:00	Name: A3 Value: d=AQABBPLrnGUCEAfjCrJkdBgcyco9AXR0acgFEgEBAQE9nmWmZeAPyiMA_eMAAA&S=AQAAAgzgsamUv-AKb-0LBCRaMYM
www.resortscasino.com/	1969-12-31 23:59:59	Name: SG_CLI_DVC_ID Value: 3915540884
.resortscasino.com/	1970-01-20 17:33:06	Name: _no_tracky_101132698 Value: 1
.adform.net/	1970-01-20 18:17:41	Name: C Value: 1
.adform.net/	1970-01-20 18:59:26	Name: receive-cookie-deprecation Value: 1
widget-mediator.zopim.com/	1970-01-20 17:43:07	Name: AWSALBCORS Value: zgBxsfvBebQREZfOF16Pt9TqIXfmbYkP+ClV6Nwsu6d7GR7QT9/jP58fhPhvqhpzZNB2TJz6SSZAFX5m8A/5nzNIi2ZAvqnqb1f8LHfsLji9a0pd/rziJYrYkPVB
.adform.net/	1970-01-20 18:59:26	Name: uid Value: 5373802338391249702
.simpli.fi/	1970-01-20 17:43:07	Name: uid_syncd_secure Value: true
www.resortscasino.com/	1970-01-21 02:18:38	Name: LG_CU_CHA Value: \|/p/vip-20/exclusive/\|\|01/09/2024 1:47 a.m. \|\|\|
.agkn.com/	1970-01-21 02:18:38	Name: ab Value: 0001%3AMEU1w%2BXBt72scBaKprzv7kzqjVibPgN6
.1rx.io/	1970-01-21 02:18:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-54be7896-b0f8-455a-8f91-239d47d27996-003%22%7D
.tapad.com/	1970-01-20 18:59:26	Name: TapAd_TS Value: 1704782835270
.tapad.com/	1970-01-20 18:59:26	Name: TapAd_DID Value: 807e9350-e153-4711-8390-8bd061c725a3
.adnxs.com/	1970-01-21 03:09:02	Name: XANDR_PANID Value: 851B9ZK0Qmbx7n5UTPmZzxgSWcuo7TWvHgVi-KIfroHwa0LkCIauzYTWrg2WQQAMS72dw1iNPGg5rUfPnQ-M0TReKB8Ucu2aacNOcz9IzoQ.
.adnxs.com/	1970-01-20 19:42:38	Name: anj Value: dTM7k!M4.FEVNsVF']wIg2IlawY_PD!fsuh+5T_NpDj>lih.32I6]E'!Ji<z#(kpW5j/Bt=5i(G9SVS#9TI-tF5fF0k3CLMTD._*PlZ[C[-kX-Ky<kE
.tapad.com/	1970-01-20 18:59:26	Name: TapAd_3WAY_SYNCS Value:
.agkn.com/	1970-01-21 02:18:38	Name: u Value: C\|0AAAAAAAALS-ocwAAAAAA
.targeting.unrulymedia.com/	1970-01-21 02:18:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-54be7896-b0f8-455a-8f91-239d47d27996-003%22%7D
.pro-market.net/	1970-01-20 18:16:14	Name: anHistory Value: "ueyg56r3g51k+2+!#7%.!*##br"
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-App Open Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Feedback Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Location Prompt Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Location Settings Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Manual Location Settings Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Manual Notification Settings Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Notification Prompt Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Notification Settings Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 1 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 2 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 3 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 4 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 5 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 6 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 7 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 8 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 9 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement A Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement B Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement C Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement D Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement E Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement F Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Push Open Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Store Launch Value:
.exelator.com/	1970-01-20 20:25:50	Name: EE Value: "49c6877d85c9fcb865c26e9a7a4a9896"
.pro-market.net/	1970-01-20 21:52:14	Name: anProfile Value: "ueyg56r3g51k+1+1f=1+1g=1+1j=41+rs=s+rt=20011B60000202403247000000000008+s2=(s6zeur)+vm=24-8D8DDD8D220547F3AD952818C9149EC5:53-CAESEEVKyi6B4V_rKuF17uw-hSU"
.exelator.com/	1970-01-20 20:25:50	Name: ud Value: "eJxrXxzq6XKLQcHEMtnMwtw8xcI02TItOcnCzDTZyCzVMtE80STR0sLSbHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIYEl%252BUWb6IhfXxUUpaQyLSopPBR8rqwUAoJwqRw%253D%253D"
.bluekai.com/	1970-01-20 21:55:07	Name: bku Value: blx99wwg7sDl1ZXL
.bluekai.com/	1970-01-20 21:55:07	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwECWmWHWHeCW1M/yBExlHMBOHeAN1MQhmW181Ex8HD1N9y934Qrg
.resortscasino.com/	1970-01-21 02:18:38	Name: __zlcmid Value: 1JjmPMg4GZcZZRL
.bfmio.com/	1970-01-21 02:18:38	Name: __141_cid Value: 8D8DDD8D220547F3AD952818C9149EC5
.bfmio.com/	1970-01-21 02:18:38	Name: __io_cid Value: f13ec8fd132869ae6dd3fbc326093e9ad432c9fe

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://datplus.springserve.com/px/tag/288? Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
deprecation	warning	URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5(Line 2) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
javascript	warning	URL: https://secure.adnxs.com/seg?add=5150196&t=1 Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://resortactracksdk.optimove.net/piwik.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=8D8DDD8D220547F3AD952818C9149EC5 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=8D8DDD8D220547F3AD952818C9149EC5 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=8D8DDD8D220547F3AD952818C9149EC5 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/ ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.adform.net
aa.agkn.com
bcp.crwdcntrl.net
cdn.otherlevels.com
cdn.taboola.com
ce.lijit.com
clients.getscaled.com
cm.g.doubleclick.net
cm.smadex.com
collector-562.tvsquared.com
connect.facebook.net
d.agkn.com
datplus.springserve.com
eb2.3lift.com
ekr.zdassets.com
fei.pro-market.net
geo-tracker.smadex.com
go.affec.tv
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
in.getclicky.com
js-api.otherlevels.com
js-content.otherlevels.com
loadm.exelator.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
region1.google-analytics.com
resortactracksdk.optimove.net
resorts.zendesk.com
s.ad.smaato.net
s.yimg.com
s2.adform.net
script.hotjar.com
sdk-cdn.optimove.net
secure.adnxs.com
simplifi.partners.tremorhub.com
sp.analytics.yahoo.com
stags.bluekai.com
static.getclicky.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.bounceexchange.com
tag.simpli.fi
trc-events.taboola.com
trc.taboola.com
tsmtpclick.com
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.resortscasino.com
datplus.springserve.com
104.16.179.60
104.16.51.111
104.18.70.113
104.18.72.113
107.154.132.121
108.157.4.86
13.248.245.213
141.226.228.48
142.250.185.66
142.250.186.130
151.101.65.44
18.154.63.87
18.173.233.14
18.245.60.10
18.66.248.94
185.167.164.43
185.89.210.90
199.187.172.5
2001:4860:4802:34::36
209.124.85.247
212.82.100.181
216.52.2.86
2600:1901:0:8eee::
2600:1f18:612b:4200:cf3b:d950:bab4:515a
2600:9000:224a:2800:1b:5138:8a40:93a1
2606:4700::6811:626c
2a00:1288:80:807::1
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2008
2a00:1450:4001:827::2003
2a00:1450:4001:828::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f177:185:face:b00c:0:25de
3.136.125.130
34.111.113.62
34.120.253.250
34.215.99.216
35.156.188.18
35.157.249.250
35.201.79.141
35.204.74.118
35.204.89.238
35.244.159.8
35.244.174.68
37.157.5.71
46.228.174.117
52.29.118.238
52.44.250.119
54.171.10.251
54.194.142.151
54.71.12.84
54.78.254.47
69.173.144.139
72.246.169.24
04208ea43b2b51c5a05863fdb5f4c248125040d4cbb9deed84e2b3a557e6ebda
04d27094ded8e40ea532d4c8622789272e4e73bcb74dbc7c7f442c0d530c8526
066ecc231bdde1a2949331b7218f0b49fd09905886f44d54201e6b50be569f6a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bacdb548e164cf35287770db84873bbb8d2da7f85a04fb4ba9c8b692d773fd1
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
0e646639e6ae46b7ba1f54c1f5a853464391a41964a045adc61cd0f3b647c331
1286879e461d713585a76ee3e422d862060c3bfda30097e242660ddfb084aa1b
12c7cc1a1ae1e5c52e53c169b3038a4b7ca0a207df0193b349ef9e4661756d1f
15c53b41755b7dbbf631697798b043b1eb429674afb2580b605d468c7f8593b7
24ed6671978ad2dcceb01b7dc2da1dfff7b78e020226faf64cb5ac83617665a7
27bc4fec5ee42fd1438fc4ce0f5ec547f949ee8f5f4753bfb9e6e38962756b68
2ce126bac21a255b2d16aa93eac7b5609e149832ef3c1fc5beaa7735e7dc336b
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9392bfe29ae4a6b417d8d07f0e2b63a02c3336d061ba2214af8abe58f12877
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
33d232a0ad874c69bd4a9f24dd74f4576f14b64dae289cd7eb759c802191e633
34fe5baf32720c554475c55bd1505cf5e84783c4456ce67c65aa43607508c4ca
3b8f402ebf10aae3cc02f5202328110626c2c9e741467d35495fb93df65348ce
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fa0bd83d19c098e0b6af35bedb2a1537b3a296f43b6a9b0807196a675a35c47
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5415326eeb1895aa8b63ba1199e43c5d16b54c3c22ef286e4a46f603121eec8b
5431eb1c68d1f2d823516b30656ade17a41fccb33c54ab46df3ea6d0d5f6c778
5ba29f9f342c18191f7170127613f80ae12418f65fea4aa4844fff528862c845
5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7
66500550e48a6abc5bd9c051226c62135d6d142e7464d3c19d7990746291920a
6a393fa0deff75c761b596183b83ecfb6aecbd3788c298130073a1b98cd91585
764a4fb3b4d97d4e4831bcb12331dc3f556aaae7e7824dd845b99e31f05f36ea
78ccfe8d43da22a6308bba19d9ebe39f0c6cdaedeaeed7f4df7a3f1d2f0d6241
7a8a584c850b3d65d4184b1111932560a757f12cd689f5441170c07c3975e6ab
7e0ede8b7e6f46b73a4687c149e26d79e97366305fdc033ce10955ff2116a6dc
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
885ab9db27d62a92a91f1bb8fa1dcc9ffd1da8512f32f8af2f9d452587d940ae
8b383920bd7e1d8a93b2eefa47b5f8dde56ff0f8db69d414da5c14eba7cc8066
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
9741f6dbbed8620d7a1e1af61d4b31a3ae6dda8c1f4ca48cd6dec5a776d065f7
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
981e9dbd0169453bdef25e3118a3fe7b6b3d8f5b646da2439214fc5f0aa1d077
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a231e0c02ad917ff91617656d5c03d1bec42c77d8a99a5494e7480e628b2a486
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a3c3d9384396dc93fab215fd20f83761536f2d406e92a61588fc5afd15ddcfab
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
a79af71f49dab5b1f8a753260a92388dd2f4a49f8dfa6536a1559551b79d79fe
aec10ed4786a967d972236584c6925194567c19572110d64e2ea63b727c529b0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4
b8b213373c49a311f1200af0708d87166b94db6fae492576dc4b8cd7519dce3b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcbad34cb83db532affa31ba77436a63686936eb43376880022152a58bd9cf45
c07a1ff7aa4100e7246ce4a9c8b633648ec12addd93fcf1a51a5c728d5dadb0e
c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14974aac0633678cfb9d8c21bae04a1616d7f225bdfa4b5fca75e17f49ef7b9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10ac8e6f76747c1475e8d310c109e553207bde8f24601414b26845fe525606e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ff93a0afcec29e7a03cbf2d81aa8b8d7a328e9a91c633c43ba237b939d04aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0802818040a298f240cc7a1dd6bf398b19981a52a6fa113eb7f8d058ef68128
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f1cb57eab48e93e07eaa3e64ff0cc810c1cdd27a7534008efcb81f0712115cb8
f76ba93a0ba83b8293fec79374fba39a5b44bbafe99ea2b5e97f067e87dc7c55
fb8032c6d54e10e902616320a7214dbf15a76b71358b328e8e3c450eb99f332c

www.resortscasino.com Open in urlscan Pro 104.16.179.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

111 Requests

77 %HTTPS

25 %IPv6

45 Domains

64 Subdomains

50 IPs

8 Countries

2221 kBTransfer

7274 kBSize

83 Cookies

2 Outgoing links

Page URL History

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

www.resortscasino.com Open in urlscan Pro
104.16.179.60 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

77 %
HTTPS

25 %
IPv6

45
Domains

64
Subdomains

50
IPs

8
Countries

2221 kB
Transfer

7274 kB
Size

83
Cookies

111 HTTP transactions
0 data transactions