www.resortscasino.com Open in urlscan Pro
104.16.179.60 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://tsmtpclick.com/tracking/qaR9ZGt1AQH4BQNkAmD0AQx4Awt4ZPM5qzS4qaR9ZQbkHt
Effective URL:
https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_sour...
Submission: On January 09 via manual (January 9th 2024, 6:47:20 am UTC) from IN — Scanned from DE

Summary HTTP 140 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 55 IPs in 8 countries across 48 domains to perform 140 HTTP transactions. The main IP is 104.16.179.60, located in and belongs to CLOUDFLARENET, US. The main domain is www.resortscasino.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 12th 2023. Valid for: a year.

This is the only time www.resortscasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	199.187.172.5 199.187.172.5	36351 (SOFTLAYER) (SOFTLAYER)
1 1	209.124.85.247 209.124.85.247	55293 (A2HOSTING) (A2HOSTING)
22	104.16.179.60 104.16.179.60	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2 7	37.252.171.53 37.252.171.53	29990 (ASN-APPNEX) (ASN-APPNEX)
7	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.201.79.141 35.201.79.141	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	3.136.125.130 3.136.125.130	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6811:626c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	108.157.4.72 108.157.4.72	16509 (AMAZON-02) (AMAZON-02)
1	54.194.142.151 54.194.142.151	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1288:80:... 2a00:1288:80:807::2	203220 (YAHOO-DEB) (YAHOO-DEB)
2 3	185.167.164.39 185.167.164.39	198622 (ADFORM) (ADFORM)
1	37.157.5.73 37.157.5.73	198622 (ADFORM) (ADFORM)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
3	104.102.33.171 104.102.33.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	35.157.249.250 35.157.249.250	16509 (AMAZON-02) (AMAZON-02)
1 2	18.66.112.102 18.66.112.102	16509 (AMAZON-02) (AMAZON-02)
5 5	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	54.76.237.168 54.76.237.168	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	18.173.233.79 18.173.233.79	16509 (AMAZON-02) (AMAZON-02)
2	34.215.99.216 34.215.99.216	16509 (AMAZON-02) (AMAZON-02)
1 5	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	212.82.100.181 212.82.100.181	34010 (YAHOO-IRD) (YAHOO-IRD)
1	107.154.132.121 107.154.132.121	19551 (INCAPSULA) (INCAPSULA)
17	91.235.134.24 91.235.134.24	30286 (THM) (THM)
2	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	52.89.23.110 52.89.23.110	16509 (AMAZON-02) (AMAZON-02)
19 25	35.204.158.49 35.204.158.49	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:8c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4232:8e14:fb12:eab5:43f8	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.17.110.172 52.17.110.172	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.94.79 3.123.94.79	16509 (AMAZON-02) (AMAZON-02)
1	18.245.60.10 18.245.60.10	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.44.250.119 52.44.250.119	14618 (AMAZON-AES) (AMAZON-AES)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.49.23.84 52.49.23.84	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 4	91.235.132.130 91.235.132.130	30286 (THM) (THM)
1	91.235.134.131 91.235.134.131	30286 (THM) (THM)
2	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
140	55

1 199.187.172.5 (United States) 1 redirects

ASN36351 (SOFTLAYER, US)
PTR: tbjjbihbhcf.turbo-smtp.net

tsmtpclick.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.124.85.247 (United States) 1 redirects

ASN55293 (A2HOSTING, US)
PTR: server.getscaled.com

clients.getscaled.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 104.16.179.60 (None, )

ASN13335 (CLOUDFLARENET, US)

www.resortscasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 37.252.171.53 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.201.79.141 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 141.79.201.35.bc.googleusercontent.com

sdk-cdn.optimove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.136.125.130 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-136-125-130.us-east-2.compute.amazonaws.com

collector-562.tvsquared.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:626c (United States)

ASN13335 (CLOUDFLARENET, US)

static.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
in.getclicky.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.72 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-72.dus51.r.cloudfront.net

cdn.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.194.142.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-142-151.eu-west-1.compute.amazonaws.com

go.affec.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

s.yimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.167.164.39 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

a2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.5.73 (Denmark)

ASN198622 (ADFORM, DK)

s2.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.102.33.171 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-33-171.deploy.static.akamaitechnologies.com

zz.connextra.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.157.249.250 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-249-250.eu-central-1.compute.amazonaws.com

geo-tracker.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.102 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-102.fra56.r.cloudfront.net

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.76.237.168 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-237-168.eu-west-1.compute.amazonaws.com

broadbeam-5-adswizz.attribution.adswizz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.233.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-233-79.dus51.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.215.99.216 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-215-99-216.us-west-2.compute.amazonaws.com

js-api.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.181 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spdc.pbp.vip.ir2.yahoo.com

sp.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 107.154.132.121 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.132.121.ip.incapdns.net

resortactracksdk.optimove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 91.235.134.24 (United States)

ASN30286 (THM, US)

compliance.resortscasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

resorts.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.89.23.110 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-89-23-110.us-west-2.compute.amazonaws.com

js-content.otherlevels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 35.204.158.49 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.158.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:8c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:8e14:fb12:eab5:43f8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.110.172 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-110-172.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.94.79 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-94-79.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.60.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-60-10.fra60.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.250.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-250-119.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.49.23.84 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-23-84.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 91.235.132.130 (United States) 1 redirects

ASN30286 (THM, US)
PTR: h.online-metrix.net

h.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.235.134.131 (United States)

ASN30286 (THM, US)

cigsl5rh4cigpaokh4jobqhuamg6bd4cohjrdu2uc33ef46ceb3cda83am1.e.aa.online-metrix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	resortscasino.com www.resortscasino.com compliance.resortscasino.com	1 MB
27	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 7462 i.simpli.fi — Cisco Umbrella Rank: 6388 um.simpli.fi — Cisco Umbrella Rank: 1428	12 KB
11	doubleclick.net 6 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 338 stats.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 68	6 KB
7	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 2014 www.google.com — Cisco Umbrella Rank: 6	1 KB
7	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 3600 ekr.zdassets.com — Cisco Umbrella Rank: 4357	349 KB
7	adnxs.com 2 redirects secure.adnxs.com — Cisco Umbrella Rank: 793 ib.adnxs.com — Cisco Umbrella Rank: 356	7 KB
6	google.de www.google.de — Cisco Umbrella Rank: 4002	949 B
5	online-metrix.net 1 redirects h.online-metrix.net — Cisco Umbrella Rank: 3974 cigsl5rh4cigpaokh4jobqhuamg6bd4cohjrdu2uc33ef46ceb3cda83am1.e.aa.online-metrix.net	17 KB
5	otherlevels.com cdn.otherlevels.com — Cisco Umbrella Rank: 87294 js-api.otherlevels.com — Cisco Umbrella Rank: 42783 js-content.otherlevels.com — Cisco Umbrella Rank: 82879	39 KB
5	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1255 trc.taboola.com — Cisco Umbrella Rank: 960 trc-events.taboola.com — Cisco Umbrella Rank: 2320	23 KB
4	adform.net 2 redirects a2.adform.net — Cisco Umbrella Rank: 12667 s2.adform.net — Cisco Umbrella Rank: 7751	33 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 3732 pbid.pro-market.net — Cisco Umbrella Rank: 16052	1 KB
3	smadex.com 2 redirects geo-tracker.smadex.com — Cisco Umbrella Rank: 10287 cm.smadex.com — Cisco Umbrella Rank: 3977	950 B
3	connextra.com zz.connextra.com — Cisco Umbrella Rank: 15835	17 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101 region1.google-analytics.com — Cisco Umbrella Rank: 1695	21 KB
3	getclicky.com static.getclicky.com — Cisco Umbrella Rank: 16972 in.getclicky.com — Cisco Umbrella Rank: 13598	6 KB
3	tvsquared.com collector-562.tvsquared.com	9 KB
3	optimove.net sdk-cdn.optimove.net — Cisco Umbrella Rank: 28058 resortactracksdk.optimove.net	12 KB
3	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 1202 script.hotjar.com — Cisco Umbrella Rank: 1735	61 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	282 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 973 d.agkn.com — Cisco Umbrella Rank: 1340	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 845	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 857	712 B
2	zendesk.com resorts.zendesk.com	2 KB
2	yimg.com s.yimg.com — Cisco Umbrella Rank: 876	7 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 930	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 620	239 B
1	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 173	551 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 764	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 1432	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 1431	265 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 1624	447 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 3080	421 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 3106	93 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1479
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10133	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 731	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 2399	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 1035	237 B
1	yahoo.com sp.analytics.yahoo.com — Cisco Umbrella Rank: 2033	631 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 98	185 B
1	adswizz.com broadbeam-5-adswizz.attribution.adswizz.com	176 B
1	affec.tv go.affec.tv — Cisco Umbrella Rank: 14304	231 B
1	facebook.net connect.facebook.net — Cisco Umbrella Rank: 240	3 KB
1	bounceexchange.com tag.bounceexchange.com — Cisco Umbrella Rank: 5592	246 B
1	getscaled.com 1 redirects clients.getscaled.com	669 B
1	tsmtpclick.com 1 redirects tsmtpclick.com	312 B
0	springserve.com Failed datplus.springserve.com Failed
140	48

	Domain	Requested by
25	um.simpli.fi	19 redirects
22	www.resortscasino.com	www.resortscasino.com
17	compliance.resortscasino.com	www.resortscasino.com compliance.resortscasino.com
6	www.google.de	www.resortscasino.com
6	static.zdassets.com	www.googletagmanager.com static.zdassets.com
6	secure.adnxs.com	2 redirects www.resortscasino.com www.googletagmanager.com
5	www.google.com	1 redirects www.resortscasino.com
5	cm.g.doubleclick.net	5 redirects
4	h.online-metrix.net	1 redirects compliance.resortscasino.com
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com
3	zz.connextra.com	www.googletagmanager.com zz.connextra.com www.resortscasino.com
3	a2.adform.net	2 redirects www.resortscasino.com
3	collector-562.tvsquared.com	www.resortscasino.com
3	www.googletagmanager.com	www.resortscasino.com www.googletagmanager.com
2	trc-events.taboola.com	cdn.taboola.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	js-content.otherlevels.com	cdn.otherlevels.com
2	resorts.zendesk.com	static.zdassets.com
2	js-api.otherlevels.com	cdn.otherlevels.com
2	script.hotjar.com	static.hotjar.com script.hotjar.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	region1.analytics.google.com	www.googletagmanager.com
2	cm.smadex.com	1 redirects www.resortscasino.com
2	trc.taboola.com	www.resortscasino.com cdn.taboola.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	s.yimg.com	www.resortscasino.com s.yimg.com
2	static.getclicky.com	www.resortscasino.com
2	sdk-cdn.optimove.net	www.googletagmanager.com sdk-cdn.optimove.net
1	cigsl5rh4cigpaokh4jobqhuamg6bd4cohjrdu2uc33ef46ceb3cda83am1.e.aa.online-metrix.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	ib.adnxs.com
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	loadm.exelator.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	resortactracksdk.optimove.net	sdk-cdn.optimove.net
1	sp.analytics.yahoo.com	www.resortscasino.com
1	in.getclicky.com	static.getclicky.com
1	ekr.zdassets.com	static.zdassets.com
1	www.facebook.com	www.resortscasino.com
1	region1.google-analytics.com	www.googletagmanager.com
1	broadbeam-5-adswizz.attribution.adswizz.com	www.resortscasino.com
1	geo-tracker.smadex.com	1 redirects
1	tag.simpli.fi	www.googletagmanager.com
1	s2.adform.net	www.resortscasino.com
1	go.affec.tv	www.googletagmanager.com
1	cdn.otherlevels.com	www.resortscasino.com
1	static.hotjar.com	www.resortscasino.com
1	connect.facebook.net	www.resortscasino.com
1	cdn.taboola.com	www.googletagmanager.com
1	tag.bounceexchange.com	www.resortscasino.com
1	clients.getscaled.com	1 redirects
1	tsmtpclick.com	1 redirects
0	datplus.springserve.com Failed	www.googletagmanager.com
140	69

This site contains links to these domains. Also see Links.

Domain
blog.resortscasino.com
www.nj.gov
clicky.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-12` - `2024-05-11`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tag.bounceexchange.com R3	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-10-18` - `2024-01-16`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
zdassets.com E1	`2024-01-04` - `2024-04-03`	3 months	crt.sh
*.optimove.net Sectigo RSA Domain Validation Secure Server CA	`2023-01-05` - `2024-02-05`	a year	crt.sh
*.us.tvsquared.com Amazon RSA 2048 M02	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.getclicky.com E1	`2023-12-03` - `2024-03-02`	3 months	crt.sh
*.otherlevels.com Amazon RSA 2048 M01	`2023-07-25` - `2024-08-22`	a year	crt.sh
affec.tv Amazon RSA 2048 M01	`2023-07-11` - `2024-08-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
*.fantasysports.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-12-12` - `2024-01-31`	2 months	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.connextra.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-28` - `2024-03-28`	a year	crt.sh
attribution.adswizz.com Amazon RSA 2048 M02	`2023-09-09` - `2024-10-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
real.sp.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-24` - `2024-04-17`	6 months	crt.sh
*.resortscasino.com Sectigo RSA Domain Validation Secure Server CA	`2024-01-08` - `2025-01-10`	a year	crt.sh
resorts.zendesk.com Cloudflare Inc ECC CA-3	`2023-03-30` - `2024-03-29`	a year	crt.sh
h.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-01-09` - `2024-01-23`	a year	crt.sh
*.e.aa.online-metrix.net Trustwave Organization Validation SHA256 CA, Level 1	`2023-06-14` - `2024-07-01`	a year	crt.sh

This page contains 9 frames:

Primary Page: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Frame ID: 4C6DF7CA9B0D186994B1F9A755F28F00
Requests: 109 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Frame ID: 4A1A4FF5A1CFB31B811FB32D386C4309
Requests: 7 HTTP requests in this frame

Frame: https://secure.adnxs.com/seg?add=17170052&t=2
Frame ID: 8DAFD08222E4975B2D07111B01517D6D
Requests: 1 HTTP requests in this frame

Frame: https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/2229224967483563646
Frame ID: 8B7E1EFB7CB55CB7349B6E7E561F1D0E
Requests: 1 HTTP requests in this frame

Frame: https://compliance.resortscasino.com/Q-pozVxqjV2Zs-N5?6c879fd71d25b305=q_CiMN4ioxf6vm8xVC15QG7lubmu2ANQkKkkq8ygbWjRa2i78Lsk3Kt5vgp0koO6g-dvyTKF9VKVGO-xadVeip3swfg4i7rG1W_DN-Bid6yOMHpa3-CVxBjM4JpIbDlcTEdAAnTJpsQ-ksDXpZipQGgR_MKzdVWHIAQPw6drf3AhQK2VoKb9uvpmrDekhEmbzq75SVDQCEM&jb=3d3b26266a716f753f556b6e646f7771246a716f3d55616c646d7f7b2532303939246a7362773d436a706d6d65266a71603d4168726d6567253038393230
Frame ID: DD75D0F3BEA15B49AA7563E2439320CE
Requests: 11 HTTP requests in this frame

Frame: https://compliance.resortscasino.com/MkmgI9KGsxSyMWvk?3f070dd2bfe8550e=O6TNDAjjYpy0IvpsWwpKoku1Nt_K21TzOXg0U3wsaF6S8eKUMMN2IDLhZYQ3SQrqJ2kWFbDLqJR0zUQvfSWxyfDY6xG5hu76NhAf2eoyX3deHVBayVbDO0fqVeta1ws3YOEmYSoKVFMeW_a_1F4SIw&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
Frame ID: 019E9153387A0EE400B1906660D206E3
Requests: 3 HTTP requests in this frame

Frame: https://compliance.resortscasino.com/NG5K-ltvhJWfH9VQ?cf800f7fcf258648=igrpoN_QIA1vD6NB0FzhWrdJ20OOOhBjuKVaqKMmBIyzSskHv9zaZGz41kE5SE4R4kDPSHk7RB433kW8-n2rdx7jqUvpltVyrLRaUhBwXVboXbulGl5ifVpgi1PnF6QxsGb80qCrCmKSO6bIJAv_Y7t95zwFQxZf-o6ptRw_yFlh_kedCh9aMc9t7WurZaL8XUl0XslTqE7QhQ
Frame ID: 99A9964655A0E271B4D432397E5D1A3F
Requests: 3 HTTP requests in this frame

Frame: https://h.online-metrix.net/pa_4zfAdZ8gsP5Qc?620672f3b209e93a=SHVC8G9o8W-ojn_RoAPQ8NEpi1OtnHcEuMk-QFpvjsAyJBZEe3VilIRIlKpWlLV0368NG6n7g-mqTOpXDSqg_9VWX_3fcENDJBX0RtBRo2bGmp3LliUeA06aRsukmOtQCuYsmGpP-p7i0ljr88tTuqh-b9kxBhChAntOi3prcRDZ1Tejet7gV55hDLoD4zu89-QiXS4tjCniCCY
Frame ID: 77A2129B24792088254C33FC47032AC5
Requests: 2 HTTP requests in this frame

Frame: https://compliance.resortscasino.com/nmzElz2ARYCl3Jg1?c2519d5554aa6d62=wZYvcfqMyXM5JqWx4dlhMJLUpqhy2Cp23aQXAoQWAHdsQqvi06RQHMKRak8aqMwvjB00KtgJJkD9vZ0JzANfhOE0SkRbvR6putjGxhDKWJmkNtWDoi-lVIFWjh7xCg7uSc4NqDAeUNneDR56nN-zioNPwJNF-7_F7Ketqm2RFJIeipzAL5hLAIq3HB18_MysTk1EbkCmSI7B30Q
Frame ID: 67D9297E9285B38DC8FD2D34F655EA90
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign-up - ResortsCasino.com

Page URL History Show full URLs

https://tsmtpclick.com/tracking/qaR9ZGt1AQH4BQNkAmD0AQx4Awt4ZPM5qzS4qaR9ZQbkHt HTTP 302
https://clients.getscaled.com/campaigns/fv742dqkwncd5/track-url/zf124fdkx6432/cc18d77a6809f088fe6b750dd31c... HTTP 301
https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&me... Page URL

Detected technologies

React (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+data-react

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Clicky (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.getclicky\.com

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Matomo Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

piwik\.js|piwik\.php

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

140
Requests

81 %
HTTPS

25 %
IPv6

48
Domains

69
Subdomains

55
IPs

8
Countries

2401 kB
Transfer

8253 kB
Size

88
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.resortscasino.com/
Title: News

Search URL Search Domain Scan URL

URL: https://www.nj.gov/lps/ge/docs/SportsBetting/prohibitedempregform.pdf
Title: here

Search URL Search Domain Scan URL

URL: http://clicky.com/101132698

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://tsmtpclick.com/tracking/qaR9ZGt1AQH4BQNkAmD0AQx4Awt4ZPM5qzS4qaR9ZQbkHt HTTP 302
https://clients.getscaled.com/campaigns/fv742dqkwncd5/track-url/zf124fdkx6432/cc18d77a6809f088fe6b750dd31c8a0ef5a8199c HTTP 301
https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://secure.adnxs.com/seg?add=5150196&t=1 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5150196%26t%3D1

Request Chain 31

https://a2.adform.net/serving/scripts/trackpoint/async/ HTTP 301
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

Request Chain 36

https://geo-tracker.smadex.com/hyperad/pixel-tracking?order=110876&action=homepage&rand=1370721854 HTTP 302
https://cm.smadex.com/match?sm_r=dc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=R1l2WkUwZm1SYmFrK2M5ZE8zQ051Zz09&sm_p=dc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=R1l2WkUwZm1SYmFrK2M5ZE8zQ051Zz09&sm_p=dc&google_tc= HTTP 302
https://cm.smadex.com/sync?sm_p=dc

Request Chain 72

https://a2.adform.net/Serving/TrackPoint/?pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=922099680866&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&Set1=en-US%7Cen-US%7C1600x1200%7C24 HTTP 302
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=922099680866&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&Set1=en-US%7Cen-US%7C1600x1200%7C24

Request Chain 86

https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID HTTP 302
https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/2229224967483563646

Request Chain 94

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=03762F51FF22484A87746FB6F10A0918

Request Chain 95

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/03762F51FF22484A87746FB6F10A0918 HTTP 302
https://sync.1rx.io/usersync/simplifi/03762F51FF22484A87746FB6F10A0918?zcc=1&cb=1704782835987 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-052b6881-52d7-4f34-9541-106b3379dde0-003

Request Chain 96

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=03762F51FF22484A87746FB6F10A0918&dongle=yf3

Request Chain 97

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=03762F51FF22484A87746FB6F10A0918

Request Chain 98

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=03762F51FF22484A87746FB6F10A0918 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=03762F51FF22484A87746FB6F10A0918

Request Chain 99

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=03762F51FF22484A87746FB6F10A0918 HTTP 302
https://d.agkn.com/pixel/10751/?che=1704782836132&ip=81.95.5.40&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219893204756000409097 HTTP 302
https://um.simpli.fi/aa_px?sk=219893204756000409097 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 100

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=03762F51FF22484A87746FB6F10A0918

Request Chain 103

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=03762F51FF22484A87746FB6F10A0918;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=03762F51FF22484A87746FB6F10A0918;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MjQzODYxODMwMzk5OTg1Mjg5MQ== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEO8WF6MG0ZpkEw2ZwrHoGow&google_cver=1

Request Chain 104

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=03762F51FF22484A87746FB6F10A0918&j=0

Request Chain 106

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=03762F51FF22484A87746FB6F10A0918

Request Chain 107

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=03762F51FF22484A87746FB6F10A0918

Request Chain 108

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=03762F51FF22484A87746FB6F10A0918

Request Chain 109

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=03762F51FF22484A87746FB6F10A0918

Request Chain 110

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=03762F51FF22484A87746FB6F10A0918

Request Chain 111

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704782835762&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=277254849&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8-ucZczZNozj78EPrOKegAw&sscte=1&crd=CIO9sQI&pscrd=IhMIjJ_p-trPgwMVjPE7Ah0ssQfA HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=277254849&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhMIjJ_p-trPgwMVjPE7Ah0ssQfA&is_vtc=1&ocp_id=8-ucZczZNozj78EPrOKegAw&cid=CAQSKQAvHhf_vDJiZRjyqkznmC_lZzlI7lqb8DWH-g-xnk2c1RgXJFs1Mkvi&random=812761342 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=277254849&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhMIjJ_p-trPgwMVjPE7Ah0ssQfA&is_vtc=1&ocp_id=8-ucZczZNozj78EPrOKegAw&cid=CAQSKQAvHhf_vDJiZRjyqkznmC_lZzlI7lqb8DWH-g-xnk2c1RgXJFs1Mkvi&random=812761342&ipr=y

Request Chain 113

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=03762F51FF22484A87746FB6F10A0918

Request Chain 114

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=03762F51FF22484A87746FB6F10A0918&expires=365

Request Chain 115

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=03762F51FF22484A87746FB6F10A0918

Request Chain 116

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEJ0RnX9bC4KvtJubVAstj0I&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=03762F51FF22484A87746FB6F10A0918 HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 119

https://h.online-metrix.net/JSUMg9UnE9ReiOTS?3735dab44285ee54=B_vtsdj7grmz03GLHuFtSpVTP1UBTHanexQxD1AOqgQFV0RDhBYXT1KpIVExWmh-hA6q537eegCY3hC2pHntT36Bnbl-fFWfJu0rMnTRxGvhFA2r31j3jeHiLAB2WaF9KkFYcflVVRAeGrQwG6wWT2k1QwlAOGLAsHauWrGbmg HTTP 302
https://h.online-metrix.net/JSUMg9UnE9ReiOTS?831c83607b9e47d5=B_vtsdj7grmz03GLHuFtSpVTP1UBTHanexQxD1AOqgQFV0RDhBYXT1KpIVExWmh-hA6q537eegCY3hC2pHntT36Bnbl-fFWfJu0rMnTRxGvhFA2r31j3jeHiLAB2WaF9xe8EtF9H2814tlW4xAArgg&k=2

140 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.resortscasino.com/signup/
Redirect Chain

https://tsmtpclick.com/tracking/qaR9ZGt1AQH4BQNkAmD0AQx4Awt4ZPM5qzS4qaR9ZQbkHt
https://clients.getscaled.com/campaigns/fv742dqkwncd5/track-url/zf124fdkx6432/cc18d77a6809f088fe6b750dd31c8a0ef5a8199c
https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=Af...

56 KB
13 KB

630ms
579ms

Document
text/html

104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6049c45c583f228c92390657a29242854f7fe5f138dab862a146c08d3c40a55

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/ ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 842aba402a4e6adf-FRA
content-encoding: gzip
content-language: en
content-type: text/html; charset=utf-8
date: Tue, 09 Jan 2024 06:47:13 GMT
server: cloudflare
vary: Cookie, Accept-Language
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/ ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-url: /signup/?med_source=GAaff&med_campaign=AffCPD_3000%7BInsertplacement_domain%7D&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000%7BInsertplacement_domain%7D&utm_campaign=AffCPD_3000%7BInsertplacement_domain%7D&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
x-whom: n03p110xwpws000

Redirect headers

alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control: no-store, no-cache, must-revalidate post-check=0,pre-check=0
content-length: 0
content-security-policy: frame-ancestors 'self';
content-type: text/html; charset=UTF-8
date: Tue, 09 Jan 2024 06:47:11 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
last-modified: Tue, 09 Jan 2024 06:47:11 GMT
location: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
pragma: no-cache
server: LiteSpeed
strict-transport-security: max-age=63072000; includeSubDomains
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/8.0.30

GET
H2 200 main.min.css
www.resortscasino.com/static/stylesheets/compiled/casinoresorts/ 452 KB
59 KB 708ms
707ms Stylesheet
text/css 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e8ff93a0afcec29e7a03cbf2d81aa8b8d7a328e9a91c633c43ba237b939d04aa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 08:16:57 GMT
server: cloudflare
etag: W/"63f720f9-70e4f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 842aba448e1e6adf-FRA
expires: Fri, 06 Jan 2034 06:47:13 GMT

GET
H2 200 deviceatlas-custom.min.js Show response
www.resortscasino.com/static/javascripts/libs/ 5 KB
2 KB 47ms
46ms Script
application/javascript 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/static/javascripts/libs/deviceatlas-custom.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24ed6671978ad2dcceb01b7dc2da1dfff7b78e020226faf64cb5ac83617665a7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 08:16:57 GMT
server: cloudflare
age: 3474332
etag: W/"63f720f9-13e4"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 842aba448e1f6adf-FRA
expires: Fri, 06 Jan 2034 06:47:13 GMT

GET
H2 200 rg_logo.png
www.resortscasino.com/media/filer_public/ab/70/ab70d39c-5bac-468b-a715-eef9cad2f228/ 3 KB
3 KB 45ms
44ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/ab/70/ab70d39c-5bac-468b-a715-eef9cad2f228/rg_logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

27bc4fec5ee42fd1438fc4ce0f5ec547f949ee8f5f4753bfb9e6e38962756b68

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:13 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Mar 2020 09:34:35 GMT
server: cloudflare
age: 335823
etag: "5e7882ab-d18"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba448e216adf-FRA
content-length: 3352
expires: Fri, 06 Jan 2034 06:47:13 GMT

GET
H2 200 dge.png
www.resortscasino.com/media/filer_public/1c/6e/1c6e3dda-1fa3-4d88-a860-6a090d685c40/ 17 KB
17 KB 43ms
43ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/1c/6e/1c6e3dda-1fa3-4d88-a860-6a090d685c40/dge.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

885ab9db27d62a92a91f1bb8fa1dcc9ffd1da8512f32f8af2f9d452587d940ae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:13 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Mar 2020 09:34:35 GMT
server: cloudflare
age: 335823
etag: "5e7882ab-42ba"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba44de836adf-FRA
content-length: 17082
expires: Fri, 06 Jan 2034 06:47:13 GMT

GET
H2 200 main.min.js Show response
www.resortscasino.com/static/javascripts/compiled/casinoresorts/ 1 MB
335 KB 41ms
41ms Script
application/javascript 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fb8032c6d54e10e902616320a7214dbf15a76b71358b328e8e3c450eb99f332c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:13 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 08:16:57 GMT
server: cloudflare
age: 3452019
etag: W/"63f720f9-170358"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 842aba451ec06adf-FRA
expires: Fri, 06 Jan 2034 06:47:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 341 KB
102 KB 85ms
17ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f316739766275db3a4f67a4efe73909192d17012ed02151d75a27552a7535062

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 104106
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 06:47:14 GMT

GET
H2 200 brwr_resorts_nj.js Show response
www.resortscasino.com/static_builds/brand-wrapper/ 2 MB
523 KB 43ms
43ms Script
application/javascript 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d14974aac0633678cfb9d8c21bae04a1616d7f225bdfa4b5fca75e17f49ef7b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 08:49:20 GMT
server: cloudflare
age: 1550415
etag: W/"63f72890-1df2bd"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 842aba4aba966adf-FRA
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 resorts_desktop_120x120_white.png
www.resortscasino.com/media/filer_public/a8/5e/a85e2550-c4a5-4d50-9889-b932f5262257/ 4 KB
4 KB 44ms
43ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/a8/5e/a85e2550-c4a5-4d50-9889-b932f5262257/resorts_desktop_120x120_white.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2f9392bfe29ae4a6b417d8d07f0e2b63a02c3336d061ba2214af8abe58f12877

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: HIT
last-modified: Mon, 23 Mar 2020 09:41:35 GMT
server: cloudflare
age: 481622
etag: "5e78844f-f29"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba4aba9a6adf-FRA
content-length: 3881
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 btn_signIn.png
www.resortscasino.com/static/images/casinoresorts/ 1 KB
1 KB 42ms
41ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/static/images/casinoresorts/btn_signIn.png

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0bacdb548e164cf35287770db84873bbb8d2da7f85a04fb4ba9c8b692d773fd1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: HIT
last-modified: Thu, 23 Feb 2023 08:16:57 GMT
server: cloudflare
age: 335822
etag: "63f720f9-4af"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba4aba9b6adf-FRA
content-length: 1199
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 resorts_arctic_express_gutters_left.png
www.resortscasino.com/media/filer_public/57/a5/57a5ed51-bd62-4834-bcba-38119e8854a8/ 175 KB
175 KB 47ms
46ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/57/a5/57a5ed51-bd62-4834-bcba-38119e8854a8/resorts_arctic_express_gutters_left.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

66500550e48a6abc5bd9c051226c62135d6d142e7464d3c19d7990746291920a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Dec 2023 14:50:42 GMT
server: cloudflare
age: 125935
etag: "658edcc2-2bbd0"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba4aba9c6adf-FRA
content-length: 179152
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 resorts_arctic_express_gutters_right.png
www.resortscasino.com/media/filer_public/b8/37/b837fb0f-812a-4684-814f-9d8c4998e8fa/ 177 KB
178 KB 61ms
61ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/media/filer_public/b8/37/b837fb0f-812a-4684-814f-9d8c4998e8fa/resorts_arctic_express_gutters_right.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b8b213373c49a311f1200af0708d87166b94db6fae492576dc4b8cd7519dce3b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: HIT
last-modified: Fri, 29 Dec 2023 14:50:43 GMT
server: cloudflare
age: 335822
etag: "658edcc3-2c52b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba4aba9d6adf-FRA
content-length: 181547
expires: Fri, 06 Jan 2034 06:47:14 GMT

GET
H2 200 / Show response
www.resortscasino.com/api/constance/ 559 B
603 B 153ms
153ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/constance/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b383920bd7e1d8a93b2eefa47b5f8dde56ff0f8db69d414da5c14eba7cc8066

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/constance/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws001
cf-ray: 842aba4b0ac56adf-FRA

GET
H2 200 / Show response
www.resortscasino.com/api/events/geolocation/ 334 B
224 B 410ms
410ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/events/geolocation/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34fe5baf32720c554475c55bd1505cf5e84783c4456ce67c65aa43607508c4ca

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/events/geolocation/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws001
cf-ray: 842aba4b1acd6adf-FRA

GET
H2 200 / Show response
www.resortscasino.com/api/events/session-extension/ 247 B
238 B 423ms
423ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/events/session-extension/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bcbad34cb83db532affa31ba77436a63686936eb43376880022152a58bd9cf45

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/events/session-extension/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws002
cf-ray: 842aba4b1acf6adf-FRA

GET
H2 200 / Show response
www.resortscasino.com/api/translations/en/ 228 KB
38 KB 429ms
429ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/translations/en/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04208ea43b2b51c5a05863fdb5f4c248125040d4cbb9deed84e2b3a557e6ebda

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/translations/en/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws000
cf-ray: 842aba4b1ad36adf-FRA

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 341 KB
108 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

372121a2efdc742ffc6fb84b5f5b3f857316fd82d27c7ace767c299b4834e058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 110556
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 09 Jan 2024 06:47:14 GMT

GET
H2 200 i.js Show response
tag.bounceexchange.com/1338/ 18 B
246 B 55ms
16ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.bounceexchange.com/1338/i.js
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: aec10ed4786a967d972236584c6925194567c19572110d64e2ea63b727c529b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:07 GMT
via: 1.1 google
server: istio-envoy
age: 7
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
x-envoy-upstream-service-time: 0
x-region: us-central1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1559287/ 66 KB
20 KB 51ms
14ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1559287/tfa.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5ba29f9f342c18191f7170127613f80ae12418f65fea4aa4844fff528862c845

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-amz-version-id: otdv.dckOtDdCf0ucNXXMp3ut128D2OR
content-encoding: gzip
via: 1.1 varnish
date: Tue, 09 Jan 2024 06:47:14 GMT
x-amz-request-id: 9FSAMM9YSW8AFK5C
age: 3682
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 20411
x-amz-id-2: KfgwQhCYx98OTNEHgJY9ofUr6WDAeUtBSUL62ujjCkDl9w2nhmkP7KscNamzkh7/EpCjzXFhXo0=
x-served-by: cache-fra-etou8220073-FRA
last-modified: Sun, 07 Jan 2024 12:07:45 GMT
server: AmazonS3
x-timer: S1704782835.503377,VS0,VE0
etag: "c18d1dcacd531dd6f12da27107112d31"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 33
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 fbds.js Show response
connect.facebook.net/en_US/ 4 KB
3 KB 51ms
15ms Script
application/x-javascript 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbds.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b16a09a6c172f1def0e126c2631a862d3cdc503ec6bf09b69c4d51817ed2aa7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), keyboard-map=(), picture-in-picture=(), xr-spatial-tracking=()
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 06:47:14 GMT
content-md5: 1iZ0UMXhzoOHIi9rgvU2kw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2166
reporting-endpoints
x-fb-debug: A19zAza1bG3C7YJcRUxKFCT0nNi6XQDLlXSezs20c61TwQR0bp79JKID2fBPLVVd7GrqzEBWP7ZmnF4tDfTF1w==
x-fb-content-md5: 2af91db865f3b5d4b854450e7643ebee
cross-origin-opener-policy: same-origin-allow-popups
etag: "b33e8a08e8b72d9bc3ff4d525fe438a3"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Tue, 09 Jan 2024 07:01:43 GMT

GET
H2 200 hotjar-88150.js Show response
static.hotjar.com/c/ 9 KB
4 KB 53ms
16ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-88150.js?sv=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

a231e0c02ad917ff91617656d5c03d1bec42c77d8a99a5494e7480e628b2a486

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 06:47:13 GMT
via: 1.1 3a3c1dcacd115187f53f40028ae4bd24.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 2
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/8e1a5e00c3a881ce93faaf9240f18b78
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: IHa3BGn3HZTJayRQ-7D0Nwgtjc0R8oJ-NQagM7DqcmeFI-g20nP5OQ==

GET
H2

200

bounce Show response
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=5150196&t=1
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5150196%26t%3D1

212 B
1 KB

27ms
27ms

Script
application/javascript

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5150196%26t%3D1

Requested by

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

f76ba93a0ba83b8293fec79374fba39a5b44bbafe99ea2b5e97f067e87dc7c55

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
an-x-request-uuid: 1e5c8b04-1aa4-4013-9529-34e0fa874685
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.40; 81.95.5.40; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 212
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
an-x-request-uuid: 19a11464-bc58-4926-82d3-cd6bfd235ca5
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D5150196%26t%3D1
x-proxy-origin: 81.95.5.40; 81.95.5.40; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ 10 KB
5 KB 63ms
25ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=01306d6b-d2d3-43d8-96ad-c30435828788

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
x-amz-version-id: hKEbdq289Xo7bHrM.yPFOdJ37r5nFwfe
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: SJN8N1JDMTD43WG0
age: 53
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: OdnBjVcC5xsQvyjtpPVBe21NpgZXl51NRJfLydbGvh5Gu9AdfuYJ4+/g1Hhtqo28e16NzYJZ+wk=
last-modified: Wed, 09 Aug 2023 01:01:02 GMT
server: cloudflare
etag: W/"42d94c325a0b012e41f9c3907853625a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SusWH0Dn4OZpCd99dBb92zgkL%2BnPEkEAfu2zuzqDX9aposWgwi4x8UUICb5MRQQjeoul1UzIBjr8IVRVkAheUXlTKeirQOCQbU6YrFLTfn%2F47HmdXiR1MQuiRD%2Fo%2FSFeYqOLfuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 842aba4bae379004-FRA

GET
H2 200 sdk-v1.0.1.js Show response
sdk-cdn.optimove.net/websdk/ 57 KB
11 KB 155ms
118ms Script
text/plain 35.201.79.141
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.1.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.79.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 141.79.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c07a1ff7aa4100e7246ce4a9c8b633648ec12addd93fcf1a51a5c728d5dadb0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
age: 0
x-guploader-uploadid: ABPtcPptEaeCRUYKKEvJGRPeYxOMQ3iTiOep9HxqDGqksY8Q8Orfr8Ejch8P37PksfFW3KrbqFY
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10289
last-modified: Tue, 20 Feb 2018 16:00:45 GMT
server: UploadServer
etag: "44853453876eb39299f8bc18fc6da402"
x-goog-hash: crc32c=av1Aag==, md5=RIU0U4dus5KZ+LwY/G2kAg==
x-goog-generation: 1519142445437909
content-language: en
content-type: text/plain
cache-control: public,max-age=300,no-transform
x-goog-stored-content-length: 10289
accept-ranges: bytes

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 197 KB
72 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-822849185

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2e6cf6ec81679a6fd81a79adb28d30fb24ca8712023ac1721fbe26441ce430c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 73317
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Jan 2024 06:47:14 GMT

GET
H/1.1 200
OK tv2track.js Show response
collector-562.tvsquared.com/piwik/ 20 KB
9 KB 425ms
111ms Script
application/javascript 3.136.125.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://collector-562.tvsquared.com/piwik/tv2track.js
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.125.130 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-125-130.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:47:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 01 Nov 2023 13:50:22 GMT
Server: nginx
ETag: "6542579e-2133"
Content-Type: application/javascript
Cache-Control: max-age=600
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 8499
Expires: Tue, 09 Jan 2024 06:57:14 GMT

GET 288
datplus.springserve.com/px/tag/ 0
0

GET
H2 200 js Show response
static.getclicky.com/ 15 KB
6 KB 65ms
24ms Script
text/javascript 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.getclicky.com/js
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 05 Jan 2024 21:48:56 GMT
server: cloudflare
age: 291496
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 842aba4bacde3814-FRA
alt-svc: h3=":443"; ma=86400
x-proxy-cache: HIT

GET
H/1.1 200
OK otherlevels.js Show response
cdn.otherlevels.com/js-sdk/ 126 KB
37 KB 57ms
16ms Script
application/javascript 108.157.4.72
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=91bbf7114c10a0b186796a4a633fc98e
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.72 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-72.dus51.r.cloudfront.net
Software: /
Resource Hash: 1286879e461d713585a76ee3e422d862060c3bfda30097e242660ddfb084aa1b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:47:12 GMT
Content-Encoding: gzip
Via: 1.1 e60c6ee10489538b535a3fc65e54d028.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P2
Age: 2
X-Cache: Hit from cloudfront
Content-Type: application/javascript; charset=UTF-8
Cache-Control: public, max-age=172800
Connection: keep-alive
Content-Length: 37797
X-Amz-Cf-Id: JFD0KPR5Awqf80o0f1jf-fkdn3f8BMVRfibr-pHaqi_ac1gCEN-cPg==

GET
H2 204 5c473dd579fbec000cb6f3d7 Show response
go.affec.tv/j/ 0
231 B 93ms
30ms Script
text/plain 54.194.142.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.affec.tv/j/5c473dd579fbec000cb6f3d7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.142.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-194-142-151.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Wed, 04 Apr 1990 00:00:00 GMT
date: Tue, 09 Jan 2024 06:47:14 GMT
cache-control: no-cache, private, no-store, max-age=0, s-maxage=0, must-revalidate, proxy-revalidate
content-encoding: gzip
vary: Accept-Encoding
p3p: CP="CAO DSP COR PSAo CONo HISo OTPo OUR IND NAV INT CNT OTC"

GET
H2 200 seg Show response
secure.adnxs.com/ 0
967 B 15ms
14ms Script
application/javascript 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=16909360&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
an-x-request-uuid: 002a24c8-4286-43a7-9d3c-13c1374d3af8
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.40; 81.95.5.40; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ytc.js Show response
s.yimg.com/wi/ 18 KB
7 KB 32ms
9ms Script
application/javascript 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/ytc.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion: 1, 1
date: Tue, 09 Jan 2024 06:28:28 GMT
x-amz-version-id: xC6OTTJGIjCqkMTkbrZpmtbXHK5oaZhW
content-encoding: gzip
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: MXXE7GMM5PAA2YF4
age: 1127
x-amz-server-side-encryption: AES256
content-length: 6262
x-amz-id-2: EhkU22Xp9ViWU3SANEddWVnx6r4FM38RmmV5lIq6aaKIhzRIiPzrSCqXpkMOYlY5s43BXxQOfC0wTElqsT12fg==
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
x-amz-expiration: expiry-date="Wed, 31 Jul 2024 00:00:00 GMT", rule-id="oath-standard-lifecycle"
last-modified: Mon, 26 Jun 2023 09:26:35 GMT
server: ATS
etag: "5c6ed25dce803fd84288922b8928409e-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Accept-Encoding
content-type: application/javascript
cache-control: public,max-age=3600
accept-ranges: bytes

GET
H2

200

trackpoint-async.js Show response
s2.adform.net/banners/scripts/st/
Redirect Chain

https://a2.adform.net/serving/scripts/trackpoint/async/
https://s2.adform.net/banners/scripts/st/trackpoint-async.js

81 KB
31 KB

149ms
80ms

Script
application/javascript

37.157.5.73
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: H2
Server: 37.157.5.73 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
last-modified: Tue, 23 May 2023 09:56:34 GMT
server: nginx
x-amz-request-id: tx00000ea239e22e83b616b-00646c8ee1-3295d06f-default
etag: W/"f937ab3eef01c118930b200e5087d00d"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal
cache-control: public, max-age=604800

Redirect headers

location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
date: Tue, 09 Jan 2024 06:47:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
content-type: text/html

GET
H2 200 24133590-8dea-013b-adc3-0cc47abd0334 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 55ms
18ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/24133590-8dea-013b-adc3-0cc47abd0334
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 981e9dbd0169453bdef25e3118a3fe7b6b3d8f5b646da2439214fc5f0aa1d077

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F6ia9KkWpxBX3QZQz9BB
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 09 Jan 2024 05:48:17 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 3537
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 09 Jan 2024 07:48:17 GMT

GET
H2 200 regstart Show response
zz.connextra.com/dcs/tagController/tag/2b2d58e0996f/ 45 KB
16 KB 91ms
41ms Script
text/javascript 104.102.33.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/dcs/tagController/tag/2b2d58e0996f/regstart
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.33.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-33-171.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: 0667094730c910ca2134e354646ba6c7e5b7c4bd3a882b35ab466387f7f3689e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
server: istio-envoy
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: must-revalidate, max-age=300
x-envoy-upstream-service-time: 3
content-length: 16251
expires: Tue, 09 Jan 2024 06:52:14 GMT

GET
H2 204 mark
trc.taboola.com/1559287/log/3/ 0
288 B 17ms
16ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/1559287/log/3/mark?marking-type=External&item-url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&gtmcb=1053640825
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Tue, 09 Jan 2024 06:47:14 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7516
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220073-FRA
pragma: no-cache
server: nginx
x-timer: S1704782835.535022,VS0,VE10
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2

204

sync
cm.smadex.com/
Redirect Chain

https://geo-tracker.smadex.com/hyperad/pixel-tracking?order=110876&action=homepage&rand=1370721854
https://cm.smadex.com/match?sm_r=dc
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=R1l2WkUwZm1SYmFrK2M5ZE8zQ051Zz09&sm_p=dc
https://cm.g.doubleclick.net/pixel?google_nid=smadex_2&google_hm=R1l2WkUwZm1SYmFrK2M5ZE8zQ051Zz09&sm_p=dc&google_tc=
https://cm.smadex.com/sync?sm_p=dc

0
302 B

106ms
106ms

Image
text/plain

18.66.112.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.smadex.com/sync?sm_p=dc
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: H2
Server: 18.66.112.102 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-102.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
x-amz-cf-id: MmJ_BNJqX-rZoyvkiRqINrlj3FSiPZW80ymxGcnQMAEmhV1m0yIwGQ==
x-cache: Miss from cloudfront

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.smadex.com/sync?sm_p=dc
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 231
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 badge.gif
static.getclicky.com/media/links/ 241 B
404 B 17ms
17ms Image
image/gif 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.getclicky.com/media/links/badge.gif
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

expires: Tue, 16 Jan 2024 06:47:14 GMT
date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Apr 2016 00:13:35 GMT
server: cloudflare
age: 291493
etag: "570d8f2f-f1"
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 842aba4bed273814-FRA
alt-svc: h3=":443"; ma=86400
content-length: 241
x-proxy-cache: MISS

GET
H2 200 fire
broadbeam-5-adswizz.attribution.adswizz.com/ 68 B
176 B 178ms
52ms Image
image/png 54.76.237.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://broadbeam-5-adswizz.attribution.adswizz.com/fire?pixelId=baa64b93-663e-47bb-8bf2-19d9a1ad5422&type=sitevisit&subtype=FormSubmission1&aw_0_req.gdpr=true&redirectURL=aHR0cHM6Ly9waXhlbC50YXBhZC5jb20vaWRzeW5jL2V4L3JlY2VpdmU_cGFydG5lcl9pZD0yOTk0JjwjaWYgcmVxdWVzdC5saXN0ZW5lcklkP21hdGNoZXMoJ1swLTlhLWZdezh9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezR9LVswLTlhLWZdezEyfScpPnBhcnRuZXJfdHlwZWRfZGlkPSU3QiUyMkhBUkRXQVJFX0FORFJPSURfQURfSUQlMjIlM0ElMjIke3JlcXVlc3QubGlzdGVuZXJJZH0lMjIlN0Q8I2Vsc2VpZiByZXF1ZXN0Lmxpc3RlbmVySWQ_bWF0Y2hlcygnWzAtOUEtRl17OH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17NH0tWzAtOUEtRl17MTJ9Jyk-cGFydG5lcl90eXBlZF9kaWQ9JTdCJTIySEFSRFdBUkVfSURGQSUyMiUzQSUyMiR7cmVxdWVzdC5saXN0ZW5lcklkfSUyMiU3RDwjZWxzZT5wYXJ0bmVyX2RldmljZV9pZD0ke3JlcXVlc3QubGlzdGVuZXJJZCF9PC8jaWY-Cg
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.76.237.168 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-237-168.eu-west-1.compute.amazonaws.com
Software: istio-envoy /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
x-envoy-upstream-service-time: 11
server: istio-envoy
content-length: 68
content-type: image/png

POST
H2 200 / Show response
www.resortscasino.com/common/log/ 40 B
161 B 177ms
177ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/common/log/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f1cb57eab48e93e07eaa3e64ff0cc810c1cdd27a7534008efcb81f0712115cb8

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
accept-language: de-DE,de;q=0.9
X-CSRFToken: I7guItuOfjpDzpUNZZofdZKPcIo8qefuA8XpDfcBJumqnC0HpHCbI7pGEkLEfQVF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: POST, OPTIONS
vary: Accept-Language, Cookie
content-language: en
x-url: /common/log/
content-type: application/json
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-whom: n03p110xwpws001
cf-ray: 842aba4c4bba6adf-FRA
content-length: 40

GET
H2 200 / Show response
www.resortscasino.com/api/translations//en/bonuscodes,account,two_factor_auth/ 20 KB
5 KB 417ms
417ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/translations//en/bonuscodes,account,two_factor_auth/?output_format=react

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e10ac8e6f76747c1475e8d310c109e553207bde8f24601414b26845fe525606e

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
accept-language: de-DE,de;q=0.9
X-CSRFToken: I7guItuOfjpDzpUNZZofdZKPcIo8qefuA8XpDfcBJumqnC0HpHCbI7pGEkLEfQVF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/translations/en/bonuscodes,account,two_factor_auth/?output_format=react
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws003
cf-ray: 842aba4cbc016adf-FRA

POST
H2 204 collect
region1.analytics.google.com/g/ 0
258 B 76ms
19ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FQ0H43EGGW&gtm=45je4130v881813852z871005047&_p=1704782834318&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=93025494.1704782835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704782834&sct=1&seg=0&dl=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&dt=Sign-up%20-%20ResortsCasino.com&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3167
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
249 B 100ms
30ms Ping
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-FQ0H43EGGW&cid=93025494.1704782835&gtm=45je4130v881813852z871005047&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 75ms
20ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-K0JNZQ9WRQ&gtm=45je4130v881813852z871005047&_p=1704782834318&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=93025494.1704782835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1704782834&sct=1&seg=0&dl=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&dt=Sign-up%20-%20ResortsCasino.com&en=page_view&_fv=1&_ss=1&tfd=3169
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/721005222/ 3 KB
2 KB 110ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/721005222/?random=1704782834699&cv=11&fst=1704782834699&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&hn=www.googleadservices.com&frm=0&tiba=Sign-up%20-%20ResortsCasino.com&auid=1879548916.1704782834&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bb36a15b39954e4d96f71edb31a886e40d4adf623c8d6b4532957bd39cafd4d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/957670763/ 3 KB
2 KB 105ms
58ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/957670763/?random=1704782834706&cv=11&fst=1704782834706&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&hn=www.googleadservices.com&frm=0&tiba=Sign-up%20-%20ResortsCasino.com&auid=1879548916.1704782834&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f5d05d39d2219564f1c00ecffa0f75c63e2dd6083795cfc7fbaae5c133c8c73d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1380
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 77ms
26ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-FQ0H43EGGW&cid=93025494.1704782835&gtm=45je4130v881813852z871005047&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1079953189

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 57ms
15ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1376853382613673&ev=PixelInitialized&dl=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&rl=&if=false&ts=1704782834713

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 09 Jan 2024 06:47:14 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 modules.abdef350bc65bc59cb61.js Show response
script.hotjar.com/ 220 KB
55 KB 77ms
27ms Script
application/javascript 18.173.233.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.abdef350bc65bc59cb61.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-88150.js?sv=5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.233.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-233-79.dus51.r.cloudfront.net

Software

Resource Hash

5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Mon, 08 Jan 2024 10:38:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 984c44215b4097c6a641c48a45b28302.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
age: 72548
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55659
last-modified: Mon, 08 Jan 2024 10:37:27 GMT
etag: "80c44d9c04a527e3fdaa01818eb305c1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: LXx1a95qzEkzrN8NuFiURGKSsuabUU8kmmsVRr-U0w1AOO7sYXPFXg==

GET
H2 200 json Show response
trc.taboola.com/1559287/trc/3/ 2 KB
1 KB 47ms
47ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1559287/trc/3/json?tim=1704782834717&data=%7B%22id%22%3A933%2C%22ii%22%3A%22%2Fsignup%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1704782834714%2C%22cv%22%3A%2220240107-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-cmcnallyresortsaccom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1704782834717%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1559287/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 912a88846bb5ac2cb80ba50d758c16dd81b176431aaaa88ad27649265da97136

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

x-vcl-time-ms: 25
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
via: 1.1 varnish
cpu: 0.14850000000000002
x-fastly-to-nlb-rtt: 7586
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220073-FRA
x-log-content-encoding: gzip
server: nginx
x-timer: S1704782835.784818,VS0,VE25
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 10076868.json Show response
s.yimg.com/wi/config/ 2 B
463 B 292ms
13ms XHR
application/json 2a00:1288:80:807::2
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://s.yimg.com/wi/config/10076868.json

Requested by

Host: s.yimg.com
URL: https://s.yimg.com/wi/ytc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Tue, 09 Jan 2024 06:47:12 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-amz-request-id: ARFM8TWE2HCG1YDS
age: 3
content-length: 2
x-amz-id-2: 6pC69eMHClXXpgozU80xQ62DyVaqt4yXyijsdkcNj4tneiUWLAKKfEaTqftIziUsTW69XAUrreA=
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: ATS
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=3600

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
213 B 24ms
24ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1659866721&t=pageview&_s=1&dl=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&ul=en-us&de=UTF-8&dt=Sign-up%20-%20ResortsCasino.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=1046216446&gjid=1546046208&cid=93025494.1704782835&tid=UA-59913499-1&_gid=654988512.1704782835&_r=1&_slc=1&gtm=45He4130n71NLM93Xv71005047&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1683949461

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.resortscasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 seg Show response
secure.adnxs.com/ 0
968 B 17ms
17ms Script
application/javascript 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/seg?add=5150224&t=1

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLM93X

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
an-x-request-uuid: 33742310-f684-459a-863a-9761970a7214
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.40; 81.95.5.40; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 01306d6b-d2d3-43d8-96ad-c30435828788 Show response
ekr.zdassets.com/compose/ 2 KB
2 KB 783ms
749ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/01306d6b-d2d3-43d8-96ad-c30435828788

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=01306d6b-d2d3-43d8-96ad-c30435828788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33d232a0ad874c69bd4a9f24dd74f4576f14b64dae289cd7eb759c802191e633

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
status: 200 OK
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8308fa600e4c32d3-SEA, 8308fa600e4c32d3-SEA
x-runtime: 0.013541
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"33d232a0ad874c69bd4a9f24dd74f457"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1zJBbXUaPOLE8nNC7NLm90cXm1rKfg4sCcFxTlobmxDMHRE7U1bEomOLG%2FRVjbrpbw67F3xNtoUPH%2BnjrvoWu4KS3mrm00CDGPuxrGVNTiFX%2BqIPsWsv9d7nfEmJDhzAp%2Fs%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 842aba4d6ab11da0-FRA

GET
H2 200 1.0.0.js Show response
sdk-cdn.optimove.net/webconfig/b59812a64cbe7437124258f7a920b24066caf9e8d471bf66e05459e3923e5d03/ 4 KB
1 KB 417ms
417ms Script
application/javascript 35.201.79.141
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://sdk-cdn.optimove.net/webconfig/b59812a64cbe7437124258f7a920b24066caf9e8d471bf66e05459e3923e5d03/1.0.0.js
Requested by: Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.201.79.141 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 141.79.201.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 6a393fa0deff75c761b596183b83ecfb6aecbd3788c298130073a1b98cd91585

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrO5HQBhzHcejv9Hs7-5zuW8Tkz2CXAzlvEUJEChzOjuFj2NOuVP8lPn3xqxvAE4iXZoeM
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 804
last-modified: Tue, 07 Mar 2023 13:02:55 GMT
server: UploadServer
etag: "6e1f27120f3f432e715a6b5559027dbb"
vary: Accept-Encoding
x-goog-generation: 1678194174963202
content-type: application/javascript
content-language: en
x-goog-hash: crc32c=mWa5mQ==, md5=bh8nEg8/Qy5xWmtVWQJ9uw==
cache-control: public,max-age=300
x-goog-stored-content-length: 804
accept-ranges: bytes

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/822849185/ 3 KB
1 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/822849185/?random=1704782834756&cv=11&fst=1704782834756&bg=ffffff&guid=ON&async=1&gtm=45be4130&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&hn=www.googleadservices.com&frm=0&tiba=Sign-up%20-%20ResortsCasino.com&auid=1879548916.1704782834&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-822849185

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dac79d2bf18dfa4dc8ef564e35de01d65919baec579f0a7705ac54e4336c769a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H/1.1 204
No Content session
js-api.otherlevels.com/0.8/ Frame 0
0 787ms
201ms Preflight 34.215.99.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-api.otherlevels.com/0.8/session

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.99.216 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-99-216.us-west-2.compute.amazonaws.com

Software

Tengine /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.resortscasino.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Date: Tue, 09 Jan 2024 06:47:15 GMT
Server: Tengine
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

POST
H/1.1 200
OK session Show response
js-api.otherlevels.com/0.8/ 3 B
816 B 209ms
209ms XHR
text/plain 34.215.99.216
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-api.otherlevels.com/0.8/session

Requested by

Host: cdn.otherlevels.com
URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=91bbf7114c10a0b186796a4a633fc98e

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.215.99.216 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-215-99-216.us-west-2.compute.amazonaws.com

Software

Tengine /

Resource Hash

9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff
X-Xss-Protection	1; mode=block, 1; mode=block

Request headers

Referer: https://www.resortscasino.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Tue, 09 Jan 2024 06:47:15 GMT
X-Content-Type-Options: nosniff, nosniff
Connection: keep-alive
Content-Length: 3
X-XSS-Protection: 1; mode=block, 1; mode=block
X-Request-Id: sdkapi-dc5952b8-4dcc-4bae-81d6-45f8a478c2e7
Pragma: no-cache;
Server: Tengine
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET, POST, DELETE, PUT, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-Request-Id
Cache-Control: no-store, must-revalidate, no-cache, max-age=0;
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
Expires: Mon, 01 Jan 0001 00:00:00 GMT;

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 30ms
30ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-59913499-1&cid=93025494.1704782835&jid=1046216446&gjid=1546046208&_gid=654988512.1704782835&_u=YADAAAAAAAAAAC~&z=968110007

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.resortscasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 86ms
35ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-59913499-1&cid=93025494.1704782835&jid=1046216446&_u=YADAAAAAAAAAAC~&z=1164915009

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 57ms
56ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-59913499-1&cid=93025494.1704782835&jid=1046216446&_u=YADAAAAAAAAAAC~&z=1164915009

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/721005222/ 42 B
154 B 69ms
35ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/721005222/?random=1704782834699&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&frm=0&tiba=Sign-up%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_3ntPpuccGA_QvvSbvykeMg2bMmu8Zw&random=848934846&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/721005222/ 42 B
154 B 37ms
34ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/721005222/?random=1704782834699&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&frm=0&tiba=Sign-up%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_3ntPpuccGA_QvvSbvykeMg2bMmu8Zw&random=848934846&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/957670763/ 42 B
108 B 71ms
38ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/957670763/?random=1704782834706&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&frm=0&tiba=Sign-up%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Xu112ExmKQg5K7RS2uGCDFTTcvXsrg&random=1423668032&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/957670763/ 42 B
108 B 38ms
35ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/957670763/?random=1704782834706&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45je4130v881813852z871005047&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&frm=0&tiba=Sign-up%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_Xu112ExmKQg5K7RS2uGCDFTTcvXsrg&random=1423668032&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/822849185/ 42 B
108 B 67ms
37ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/822849185/?random=1704782834756&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45be4130&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&frm=0&tiba=Sign-up%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_3xhTMqO4YfIHqAxt1Kbnt7wkeh_gLA&random=1235021780&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/822849185/ 42 B
108 B 55ms
55ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/822849185/?random=1704782834756&cv=11&fst=1704780000000&bg=ffffff&guid=ON&async=1&gtm=45be4130&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&frm=0&tiba=Sign-up%20-%20ResortsCasino.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSGwAvHhf_3xhTMqO4YfIHqAxt1Kbnt7wkeh_gLA&random=1235021780&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:14 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 browser-perf.28a8c6b22b3c0474c577.js Show response
script.hotjar.com/ 4 KB
2 KB 28ms
27ms Script
application/javascript 18.173.233.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/browser-perf.28a8c6b22b3c0474c577.js

Requested by

Host: script.hotjar.com
URL: https://script.hotjar.com/modules.abdef350bc65bc59cb61.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.233.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-233-79.dus51.r.cloudfront.net

Software

Resource Hash

f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Sun, 26 Nov 2023 13:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 984c44215b4097c6a641c48a45b28302.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
age: 3775975
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 1589
last-modified: Thu, 23 Nov 2023 14:00:23 GMT
etag: "d065ec1659ab8dbb93042fdf9a225634"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: wxvvjvdfpWZZLHAR1cTEFBYqcYvwBYCKaroRJeRbReaYwpXnoG9u1A==

GET
H/1.1 200
OK piwik.php
collector-562.tvsquared.com/piwik/ 42 B
276 B 109ms
109ms Image
image/gif 3.136.125.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-562.tvsquared.com/piwik/piwik.php?action_name=Sign-up%20-%20ResortsCasino.com&idsite=TV-453672-1&rec=1&r=017608&h=7&m=47&s=14&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&_id=c4f38a441ab214fc&_idts=1704782835&_idvc=0&_idn=1&_viewts=&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&gt_ms=746
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.125.130 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-125-130.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Tue, 09 Jan 2024 06:47:14 GMT
Server: nginx
Connection: keep-alive
Request-Id: 42b91259-cabc-4580-9999-f3460201bb6d
Content-Length: 42
Content-Type: image/gif

GET
H/1.1 200
OK piwik.php
collector-562.tvsquared.com/piwik/ 42 B
276 B 224ms
113ms Image
image/gif 3.136.125.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://collector-562.tvsquared.com/piwik/piwik.php?action_name=Sign-up%20-%20ResortsCasino.com&idsite=TV-453672-1&rec=1&r=174497&h=7&m=47&s=14&url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&_id=c4f38a441ab214fc&_idts=1704782835&_idvc=0&_idn=0&_viewts=&cvar=%7B%225%22%3A%5B%22signup_start%22%2C%22%7B%5C%22rev%5C%22%3A%5C%220%5C%22%2C%5C%22prod%5C%22%3A%5C%22%5C%22%2C%5C%22id%5C%22%3A%5C%22%5C%22%2C%5C%22promo%5C%22%3A%5C%22For%20future%20use%5C%22%7D%22%5D%7D&pdf=1&qt=0&realp=0&wma=0&dir=0&fla=0&java=0&gears=0&ag=0&cookie=1&res=1600x1200&_cvar=%7B%225%22%3A%5B%22session%22%2C%22%7B%5C%22user%5C%22%3A%5C%22%5C%22%7D%22%5D%7D&gt_ms=746
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.136.125.130 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-136-125-130.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

P3p: CP='OTI DSP COR NID STP UNI OTPa OUR'
Date: Tue, 09 Jan 2024 06:47:15 GMT
Server: nginx
Connection: keep-alive
Request-Id: 4be80b38-3ab0-4df4-b923-20759e12ef58
Content-Length: 42
Content-Type: image/gif

GET
H2 200 in.php Show response
in.getclicky.com/ 98 B
282 B 186ms
184ms Script
text/javascript 2606:4700::6811:626c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://in.getclicky.com/in.php?site_id=101132698&href=%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&title=Sign-up%20-%20ResortsCasino.com&res=1600x1200&lang=en-US&tz=Europe%2FBerlin&tc=&ck=1&x=6mo3k
Requested by: Host: static.getclicky.com
URL: https://static.getclicky.com/js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:626c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 066ecc231bdde1a2949331b7218f0b49fd09905886f44d54201e6b50be569f6a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate, no-cache, no-store, private
cf-ray: 842aba4e7edd3814-FRA
alt-svc: h3=":443"; ma=86400
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 sp.pl
sp.analytics.yahoo.com/ 43 B
631 B 128ms
49ms Image
image/gif 212.82.100.181
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sp.analytics.yahoo.com/sp.pl?a=10000&d=Tue%2C%2009%20Jan%202024%2006%3A47%3A15%20GMT&n=-1&b=Sign-up%20-%20ResortsCasino.com&.yp=10076868&f=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&enc=UTF-8&yv=1.15.1&tagmgr=gtm

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

212.82.100.181 Dublin, Ireland, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

spdc.pbp.vip.ir2.yahoo.com

Software

ATS /

Resource Hash

0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39

Security Headers

Name	Value
Content-Security-Policy	sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
content-type: image/gif
cache-control: no-cache, private, must-revalidate
accept-ranges: bytes
content-length: 43
expires: Tue, 09 Jan 2024 06:47:15 GMT

GET
H2

200

/ Show response
a2.adform.net/Serving/TrackPoint/
Redirect Chain

https://a2.adform.net/Serving/TrackPoint/?pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=922099680866&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26...
https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=922099680866&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAa...

110 B
714 B

104ms
104ms

Script
text/javascript

185.167.164.39
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=922099680866&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&Set1=en-US%7Cen-US%7C1600x1200%7C24

Requested by

Protocol

Server

185.167.164.39 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

9741f6dbbed8620d7a1e1af61d4b31a3ae6dda8c1f4ca48cd6dec5a776d065f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 185
expires: -1

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=2158046&ADFPageName=Page%20Views&ADFdivider=%7C&ord=922099680866&ADFtpmode=2&loc=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&Set1=en-US%7Cen-US%7C1600x1200%7C24
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control: no-cache, no-store, must-revalidate, no-transform
expires: -1

GET
H2 404 piwik.js
resortactracksdk.optimove.net/ 0
0 207ms
176ms Script
text/html 107.154.132.121
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://resortactracksdk.optimove.net/piwik.js
Requested by: Host: sdk-cdn.optimove.net
URL: https://sdk-cdn.optimove.net/websdk/sdk-v1.0.1.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.132.121 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.132.121.ip.incapdns.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

GET
H2 200 / Show response
www.resortscasino.com/api/v2/promotions/categories/ 2 B
87 B 175ms
174ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/v2/promotions/categories/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
accept-language: de-DE,de;q=0.9
X-CSRFToken: I7guItuOfjpDzpUNZZofdZKPcIo8qefuA8XpDfcBJumqnC0HpHCbI7pGEkLEfQVF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
cf-cache-status: DYNAMIC
server: cloudflare
allow: GET, HEAD, OPTIONS
vary: Accept-Language, Cookie
content-language: en
x-url: /api/v2/promotions/categories/
content-type: application/json
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
x-whom: n03p110xwpws001
cf-ray: 842aba4fde4e6adf-FRA
content-length: 2

GET
H2 200 / Show response
www.resortscasino.com/api/translations//en/loyalty/ 2 KB
1 KB 165ms
165ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/translations//en/loyalty/?output_format=react

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static_builds/brand-wrapper/brwr_resorts_nj.js?rev=f7bd47a9b0fd81290267856b6ae6a598

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

12c7cc1a1ae1e5c52e53c169b3038a4b7ca0a207df0193b349ef9e4661756d1f

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
accept-language: de-DE,de;q=0.9
X-CSRFToken: I7guItuOfjpDzpUNZZofdZKPcIo8qefuA8XpDfcBJumqnC0HpHCbI7pGEkLEfQVF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/translations/en/loyalty/?output_format=react
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws004
cf-ray: 842aba4fde4f6adf-FRA

POST
H2 200 / Show response
www.resortscasino.com/common/endpoint/ 143 B
221 B 174ms
174ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/common/endpoint/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5415326eeb1895aa8b63ba1199e43c5d16b54c3c22ef286e4a46f603121eec8b

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
X-CSRFToken: I7guItuOfjpDzpUNZZofdZKPcIo8qefuA8XpDfcBJumqnC0HpHCbI7pGEkLEfQVF
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: POST, OPTIONS
content-language: en
x-url: /common/endpoint/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws003
cf-ray: 842aba500e856adf-FRA

GET
H2 200 dropdown.png
www.resortscasino.com/static/images/casinoresorts/ 3 KB
3 KB 377ms
377ms Image
image/png 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.resortscasino.com/static/images/casinoresorts/dropdown.png

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7bd009e361a96129158c60dc57080f487ab887129889c28b0bb84c95f934d57

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/static/stylesheets/compiled/casinoresorts/main.min.css?rev=3.20.5
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
cf-cache-status: MISS
last-modified: Thu, 23 Feb 2023 08:16:57 GMT
server: cloudflare
etag: "63f720f9-b4d"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 842aba502e926adf-FRA
content-length: 2893
expires: Fri, 06 Jan 2034 06:47:15 GMT

GET
H2 200 / Show response
www.resortscasino.com/api/signup/threat_metrix_session_id/ 83 B
245 B 178ms
178ms XHR
application/json 104.16.179.60
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.resortscasino.com/api/signup/threat_metrix_session_id/

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.179.60 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3ab3f8aa7752aea21b15dc68b6fa9859d3b3bb4e2476e0d1bff980eb5f39f46

Security Headers

Name	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Request headers

Accept: */*
Referer: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
x-frame-options: ALLOW-FROM HTTPS://CL.KGMSRV.COM/, ALLOW-FROM HTTPS://CL.KGMSRV.COM/
allow: GET, HEAD, OPTIONS
content-language: en
x-url: /api/signup/threat_metrix_session_id/
content-type: application/json
vary: Accept-Language, Cookie
x-whom: n03p110xwpws004
cf-ray: 842aba502e976adf-FRA

GET
H/1.1 200
OK 9o37gmne94poni7e.js Show response
compliance.resortscasino.com/ 95 KB
14 KB 253ms
35ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/9o37gmne94poni7e.js?kfd26c7dipgrwoa5=cigsl5rh&1n201ocddcp81t0h=8fe4064176fa4003b0f41c8c1f9851a8

Requested by

Host: www.resortscasino.com
URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b5b925e013f65c57512f3b8fc1aff6f57541e59c0e5b8635fa8c45da4ef63c89

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:47:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: CP=IVAa PSAa
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=100
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 web-widget-main-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 4A1A 923 KB
265 KB 46ms
46ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=01306d6b-d2d3-43d8-96ad-c30435828788

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
x-amz-version-id: PAflfXOdiQDrMRVYun69YoketTkl1xNU
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPBW7W4HNMQNRZQ
age: 3038302
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: wfPEdY9k/zcvsIza71zRAfGSA06ccGjnyFntR/pEQA5wKZJx4KMSIhZ1mIOYvRkIKiOLJAwMzi4=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"6f8511a72c96db8b22e6373718b842ed"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QoUCTP5k2lFqdp%2FJoZgX59qSf6MSEwJ7v6keUDbcOzl4JVblje%2Fv%2BoZxRBobQ%2Fk3%2BYllOOg0GG6piYxwoxRC7C5XsJwmuj%2F2oRaV3x0TJGfSG07rXlNTxZ1JYbzISpvTwxTAoJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba5239669004-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 200 en-us-json-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/ Frame 4A1A 25 KB
6 KB 42ms
42ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-locales/classic/en-us-json-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
x-amz-version-id: Xo1h7j84vGmG9Gk_pCcj7jCQD2BwGUUO
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 1BPFGS4SBCJ216KA
age: 3038301
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: KPhHQZ5iIGydSOF/FRCx8eCn3ImV7hM3qo3KWavgH4MUbCLy67WRA+HVKMqLOfRNXjGgWGdXoIE=
last-modified: Tue, 05 Dec 2023 00:24:12 GMT
server: cloudflare
etag: W/"6eb45e96a7cbb4b8ca10897f3cf09981"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qkDKzuOX7yqdfmzNN%2B6XO7HO6igmkzauvaA8272%2BLkimyX0rNT2u%2Bji%2BnhVWuXQFWIQcfcQIb1Xu0fqAPhYpzJ5yzrfKoUjfbu1GK4yKmUbyuGx1UVqTVojMtZL7yuc5VaaLbls%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba535a2b9004-FRA
expires: Wed, 04 Dec 2024 00:24:11 GMT

GET
H2 200 config Show response
resorts.zendesk.com/embeddable/ Frame 4A1A 1 KB
1 KB 285ms
217ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://resorts.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0802818040a298f240cc7a1dd6bf398b19981a52a6fa113eb7f8d058ef68128

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-868b474749-s7bkv
x-cached: MISS
x-request-id: 842aba53ca3003e4-FRA
x-runtime: 0.002236
last-modified: Tue, 09 Jan 2024 05:45:54 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ze2xBXUYfHMl2IMwUgOwDjL10mP4%2BJSmHo3x5QikR1PkhXbWpNBhAh6aAGXmcKZz28oeNeLYvX5AqtVxsrcfwxN3MGr5RY3%2BOz8vBaMTjJ5S5nqwZbxqxDXgBQNw27NpA9gmX9A%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 842aba53ca3003e4-FRA

GET
H2 200 p Show response
i.simpli.fi/ 798 B
761 B 39ms
38ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=408539&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/24133590-8dea-013b-adc3-0cc47abd0334
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 051d2a68df2b537c8b63f1237519ae44a2148a4ef76ce93750f80d16128c2f8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 2b2d58e0996f Show response
zz.connextra.com/ResortsAtlanticCity/dcs/tagController/tagData/ 0
541 B 65ms
65ms XHR
text/plain 104.102.33.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://zz.connextra.com/ResortsAtlanticCity/dcs/tagController/tagData/2b2d58e0996f
Requested by: Host: zz.connextra.com
URL: https://zz.connextra.com/dcs/tagController/tag/2b2d58e0996f/regstart
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.102.33.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-33-171.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.resortscasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
server: istio-envoy
vary: origin,accept-encoding
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
access-control-allow-origin: https://www.resortscasino.com
content-type: text/plain
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-envoy-upstream-service-time: 3
content-length: 20
expires: Tue, 09 Jan 2024 06:47:15 GMT

GET
H2 200 seg
secure.adnxs.com/ Frame 8DAF 43 B
1005 B 57ms
56ms Image
image/gif 37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=17170052&t=2

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
an-x-request-uuid: 8048f35f-9dc3-4726-88c0-a378a75ce6a4
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.40; 81.95.5.40; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

2229224967483563646
zz.connextra.com/sync/data/uid/3bc1d7fd2e/ Frame 8B7E
Redirect Chain

https://secure.adnxs.com/getuidnb?https%3A//zz.connextra.com/sync/data/uid/3bc1d7fd2e/%24UID
https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/2229224967483563646

43 B
413 B

61ms
60ms

Image
image/gif

104.102.33.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/2229224967483563646
Requested by: Host: www.resortscasino.com
URL: https://www.resortscasino.com/signup/?med_source=GAaff&med_campaign=AffCPD_3000{Insertplacement_domain}&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000{Insertplacement_domain}&utm_campaign=AffCPD_3000{Insertplacement_domain}&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20
Protocol: H2
Server: 104.102.33.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-33-171.deploy.static.akamaitechnologies.com
Software: istio-envoy /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
content-encoding: gzip
server: istio-envoy
vary: accept-encoding
content-type: image/gif
p3p: CP=NOI DSP COR CURa ADMa DEVa PSAa PSDa OUR SAMa BUS IND UNI PUR COM NAV
cache-control: max-age=0, no-cache, no-store
x-envoy-upstream-service-time: 2
content-length: 64
expires: Tue, 09 Jan 2024 06:47:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
an-x-request-uuid: f71e0e48-4b46-4d51-ba30-60d570c6ed74
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://zz.connextra.com/sync/data/uid/3bc1d7fd2e/2229224967483563646
x-proxy-origin: 81.95.5.40; 81.95.5.40; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK Q-pozVxqjV2Zs-N5 Show response
compliance.resortscasino.com/ Frame DD75 312 KB
58 KB 45ms
44ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/Q-pozVxqjV2Zs-N5?6c879fd71d25b305=q_CiMN4ioxf6vm8xVC15QG7lubmu2ANQkKkkq8ygbWjRa2i78Lsk3Kt5vgp0koO6g-dvyTKF9VKVGO-xadVeip3swfg4i7rG1W_DN-Bid6yOMHpa3-CVxBjM4JpIbDlcTEdAAnTJpsQ-ksDXpZipQGgR_MKzdVWHIAQPw6drf3AhQK2VoKb9uvpmrDekhEmbzq75SVDQCEM&jb=3d3b26266a716f753f556b6e646f7771246a716f3d55616c646d7f7b2532303939246a7362773d436a706d6d65266a71603d4168726d6567253038393230

Requested by

Host: compliance.resortscasino.com
URL: https://compliance.resortscasino.com/9o37gmne94poni7e.js?kfd26c7dipgrwoa5=cigsl5rh&1n201ocddcp81t0h=8fe4064176fa4003b0f41c8c1f9851a8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

6030ece81c7d2ae0cb07047959420c973d5fc67ff6215968e61af86f8f9a383d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:47:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: c33ef46ceb3cda83
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 4SbBsSM_krr-5nc4
compliance.resortscasino.com/ Frame DD75 81 B
475 B 536ms
468ms Image
image/png 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://compliance.resortscasino.com/4SbBsSM_krr-5nc4?aa80763e5bae9393=xinflbA5358EFNmPnW6GI59_7s67fqixZiU8bhvIlaz-e7CNxNMLE6gJpsd8tLAN7CkqQ2HNDI3ABbE1LYwyNw3kEwevK9ObBV20zqauQ8__ps33Xn9Q5uyCvAKvKWVzOuUha63Joq86gxpDQtwaystGtOqTBvM3uw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK S4rzFg_B7qi9KE72
compliance.resortscasino.com/ Frame DD75 81 B
474 B 198ms
25ms Image
image/png 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://compliance.resortscasino.com/S4rzFg_B7qi9KE72?d9cbf99eaa7d187f=rg3WUjdpryUP5jbNDjViTD3EoHXTPElxBVVNBhaa8nioqCmELSiJFOecWI9Pbvuizcib0j4KVaHiNSt97zJKeWlZkvimE48x_RaHo1ZtklEX3DU3kXehsVZ-UCt7913_pl_9-kBzhE6nb7KCWqhHaUhUCQLlnkP5gw

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:15 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 web-widget-chat-sdk-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 4A1A 202 KB
51 KB 271ms
271ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-sdk-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
x-amz-version-id: TdcYv88Lf5u9m3AG8eAA2HBmnexgob8V
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: YF5M4KQMYT6CG3T4
age: 3038302
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: ECkadXRT4D6spLOQV0MpGoWU6fpEaVI9YdsI5fGDTKe+6jC6DsHUTQYZ1ej2MjOKao4QRaYRkEU=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"b8284a4b45e40625c2b90a641ebe4a68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiCRE3Ka5rFA4932UMzw7%2B581vGcFEBTjQB4Dzjcq59PtP0m1bvxd4EN1CI%2B3iFSNuS%2FGdDhv7F%2FUiA18BAlSmHCuX4np8C9VRsxrbC6zL79%2B7Ij%2Fl9IjwuNDmr6xOs7daxUco0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba551b299004-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 200 status Show response
resorts.zendesk.com/talk_embeddables_service/web/ Frame 4A1A 95 B
909 B 564ms
545ms XHR
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://resorts.zendesk.com/talk_embeddables_service/web/status?subdomain=resorts&nickname=Resorts

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7a8a584c850b3d65d4184b1111932560a757f12cd689f5441170c07c3975e6ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding: br
x-dns-prefetch-control: off
x-xss-protection: 1; mode=block
x-request-id: 842aba53ca3403e4-FRA
server: cloudflare
etag: W/"5f-8F4IBxNf7WRaSJWu3d5CFCBloLA"
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-ratelimit-remaining: 498
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U7Xe413%2BMfKi1gLyoPLb9RYHm2UxVBrVqMF6emen65SNwCyEpfpRk450xcRXpdbCofgyDk4%2B2wbfPQr%2BUretKsMq8mZZzhuQ8xoZWDJ1yq0RGsD5bReq8cTKnE38B%2B2fmk5wxpA%3D"}],"group":"cf-nel","max_age":604800}
x-zendesk-zorg: yes
x-ratelimit-reset: 1704782837
x-ratelimit-limit: 500
cf-ray: 842aba53ca3403e4-FRA

OPTIONS
H2 204 fetch
js-content.otherlevels.com/91bbf7114c10a0b186796a4a633fc98e/@OL@7292abf9410da1bbefb3c8200db9/interstitial/v2/ Frame 0
0 996ms
198ms Preflight 52.89.23.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-content.otherlevels.com/91bbf7114c10a0b186796a4a633fc98e/@OL@7292abf9410da1bbefb3c8200db9/interstitial/v2/fetch?preload=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.23.110 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-23-110.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: POST
Origin: https://www.resortscasino.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
date: Tue, 09 Jan 2024 06:47:16 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-xss-protection: 1; mode=block

POST
H2 200 fetch Show response
js-content.otherlevels.com/91bbf7114c10a0b186796a4a633fc98e/@OL@7292abf9410da1bbefb3c8200db9/interstitial/v2/ 14 B
411 B 199ms
199ms XHR
application/json 52.89.23.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js-content.otherlevels.com/91bbf7114c10a0b186796a4a633fc98e/@OL@7292abf9410da1bbefb3c8200db9/interstitial/v2/fetch?preload=true

Requested by

Host: cdn.otherlevels.com
URL: https://cdn.otherlevels.com/js-sdk/otherlevels.js?appKey=91bbf7114c10a0b186796a4a633fc98e

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.89.23.110 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-89-23-110.us-west-2.compute.amazonaws.com

Software

Resource Hash

15c53b41755b7dbbf631697798b043b1eb429674afb2580b605d468c7f8593b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.resortscasino.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
access-control-max-age: 86400
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,X-Auth-Token
content-length: 14
x-xss-protection: 1; mode=block

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=03762F51FF22484A87746FB6F10A0918

0
237 B

96ms
51ms

Image
text/plain

2600:9000:211e:8c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=03762F51FF22484A87746FB6F10A0918
Protocol: H2
Server: 2600:9000:211e:8c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
cache-control: no-cache, must-revalidate
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: Epr9GtseuV7KI7TjOrHwtNasRYGCJ5qUGWguhRa1WNDD_Dyn-QzFsw==
x-cache: Miss from cloudfront

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

RX-052b6881-52d7-4f34-9541-106b3379dde0-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/03762F51FF22484A87746FB6F10A0918
https://sync.1rx.io/usersync/simplifi/03762F51FF22484A87746FB6F10A0918?zcc=1&cb=1704782835987
https://sync.targeting.unrulymedia.com/csync/RX-052b6881-52d7-4f34-9541-106b3379dde0-003

43 B
378 B

537ms
454ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-052b6881-52d7-4f34-9541-106b3379dde0-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-052b6881-52d7-4f34-9541-106b3379dde0-003
pragma: no-cache
date: Tue, 09 Jan 2024 06:47:16 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=03762F51FF22484A87746FB6F10A0918&dongle=yf3

37 B
140 B

69ms
24ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=03762F51FF22484A87746FB6F10A0918&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=03762F51FF22484A87746FB6F10A0918&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=03762F51FF22484A87746FB6F10A0918

43 B
175 B

339ms
115ms

Image
image/gif

2600:1f18:612b:4232:8e14:fb12:eab5:43f8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=03762F51FF22484A87746FB6F10A0918
Protocol: H2
Server: 2600:1f18:612b:4232:8e14:fb12:eab5:43f8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 09 Jan 2024 06:47:16 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=03762F51FF22484A87746FB6F10A0918
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=03762F51FF22484A87746FB6F10A0918

95 B
427 B

45ms
43ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=03762F51FF22484A87746FB6F10A0918

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=03762F51FF22484A87746FB6F10A0918
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=03762F51FF22484A87746FB6F10A0918
https://d.agkn.com/pixel/10751/?che=1704782836132&ip=81.95.5.40&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D219893204756000409097
https://um.simpli.fi/aa_px?sk=219893204756000409097
https://um.simpli.fi/empty.gif

43 B
361 B

40ms
39ms

Image
image/gif

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Tue, 09 Jan 2024 06:47:16 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=03762F51FF22484A87746FB6F10A0918

0
0

83ms
28ms

Image
text/html

18.245.60.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=03762F51FF22484A87746FB6F10A0918
Protocol: H2
Server: 18.245.60.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-245-60-10.fra60.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 33ms
30ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 34ms
31ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=03762F51FF22484A87746FB6F10A0918;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=03762F51FF22484A87746FB6F10A0918;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MjQzODYxODMwMzk5OTg1Mjg5MQ==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEO8WF6MG0ZpkEw2ZwrHoGow&google_cver=1

43 B
379 B

30ms
30ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEO8WF6MG0ZpkEw2ZwrHoGow&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEO8WF6MG0ZpkEw2ZwrHoGow&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=03762F51FF22484A87746FB6F10A0918&j=0

0
93 B

1148ms
1050ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=03762F51FF22484A87746FB6F10A0918&j=0
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:17 GMT
server: nginx
server-timing: total;dur=1.000
etag: "60ec6d76-0"

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=03762F51FF22484A87746FB6F10A0918&j=0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 34ms
32ms Image
image/gif 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=03762F51FF22484A87746FB6F10A0918

0
421 B

443ms
110ms

Image
text/plain

52.44.250.119
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=03762F51FF22484A87746FB6F10A0918
Protocol: HTTP/1.1
Server: 52.44.250.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-250-119.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Connection: keep-alive
Date: Tue, 09 Jan 2024 06:47:16 GMT

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=03762F51FF22484A87746FB6F10A0918

62 B
447 B

244ms
189ms

Image
image/gif

72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=03762F51FF22484A87746FB6F10A0918
Protocol: H2
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 09 Jan 2024 06:47:16 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

404

tpid=03762F51FF22484A87746FB6F10A0918
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=03762F51FF22484A87746FB6F10A0918

49 B
265 B

153ms
52ms

Image
image/gif

52.49.23.84
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=03762F51FF22484A87746FB6F10A0918
Protocol: H2
Server: 52.49.23.84 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-23-84.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:16 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.1.180
content-length: 49
expires: 0

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=03762F51FF22484A87746FB6F10A0918

0
311 B

669ms
579ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=03762F51FF22484A87746FB6F10A0918
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=03762F51FF22484A87746FB6F10A0918

0
98 B

439ms
381ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=03762F51FF22484A87746FB6F10A0918
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1704782835762&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=277254849&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=8...
https://www.google.com/pagead/1p-conversion/1026675585/?random=277254849&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhM...
https://www.google.de/pagead/1p-conversion/1026675585/?random=277254849&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhMI...

42 B
64 B

44ms
44ms

Image
image/gif

2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=277254849&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhMIjJ_p-trPgwMVjPE7Ah0ssQfA&is_vtc=1&ocp_id=8-ucZczZNozj78EPrOKegAw&cid=CAQSKQAvHhf_vDJiZRjyqkznmC_lZzlI7lqb8DWH-g-xnk2c1RgXJFs1Mkvi&random=812761342&ipr=y

Protocol

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:16 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=277254849&cv=7&fst=1704782835762&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CIO9sQI&pscrd=IhMIjJ_p-trPgwMVjPE7Ah0ssQfA&is_vtc=1&ocp_id=8-ucZczZNozj78EPrOKegAw&cid=CAQSKQAvHhf_vDJiZRjyqkznmC_lZzlI7lqb8DWH-g-xnk2c1RgXJFs1Mkvi&random=812761342&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 44ms
41ms Image
text/plain 35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=03762F51FF22484A87746FB6F10A0918

43 B
1013 B

29ms
28ms

Image
image/gif

37.252.171.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=03762F51FF22484A87746FB6F10A0918

Protocol

Server

37.252.171.53 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
an-x-request-uuid: 7142f13d-fa3b-44ce-8a97-025e20527cc2
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.40; 81.95.5.40; 1003.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ib.adnxs.com/setuid?entity=66&code=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=03762F51FF22484A87746FB6F10A0918&expires=365

0
239 B

116ms
26ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=03762F51FF22484A87746FB6F10A0918&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=03762F51FF22484A87746FB6F10A0918&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=03762F51FF22484A87746FB6F10A0918

43 B
264 B

391ms
333ms

Image
image/gif

35.244.159.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=03762F51FF22484A87746FB6F10A0918
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:16 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=03762F51FF22484A87746FB6F10A0918
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Mon, 08 Jan 2024 06:47:15 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEJ0RnX9bC4KvtJubVAstj0I&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=03762F51FF22484A87746FB6F10A0918
https://um.simpli.fi/g_match?id=

0
320 B

36ms
36ms

Image
text/plain

35.204.158.49
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

35.204.158.49 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

49.158.204.35.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:15 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Mon, 08 Jan 2024 06:47:15 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:15 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK MkmgI9KGsxSyMWvk Show response
compliance.resortscasino.com/ Frame 019E 19 KB
6 KB 47ms
30ms Document
text/html 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/MkmgI9KGsxSyMWvk?3f070dd2bfe8550e=O6TNDAjjYpy0IvpsWwpKoku1Nt_K21TzOXg0U3wsaF6S8eKUMMN2IDLhZYQ3SQrqJ2kWFbDLqJR0zUQvfSWxyfDY6xG5hu76NhAf2eoyX3deHVBayVbDO0fqVeta1ws3YOEmYSoKVFMeW_a_1F4SIw&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Requested by

Host: compliance.resortscasino.com
URL: https://compliance.resortscasino.com/Q-pozVxqjV2Zs-N5?6c879fd71d25b305=q_CiMN4ioxf6vm8xVC15QG7lubmu2ANQkKkkq8ygbWjRa2i78Lsk3Kt5vgp0koO6g-dvyTKF9VKVGO-xadVeip3swfg4i7rG1W_DN-Bid6yOMHpa3-CVxBjM4JpIbDlcTEdAAnTJpsQ-ksDXpZipQGgR_MKzdVWHIAQPw6drf3AhQK2VoKb9uvpmrDekhEmbzq75SVDQCEM&jb=3d3b26266a716f753f556b6e646f7771246a716f3d55616c646d7f7b2532303939246a7362773d436a706d6d65266a71603d4168726d6567253038393230

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

4cd33d45182f7478db0c54f285c7f57a4c00065d19d5eba6c299d5d624184370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.resortscasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Language: de-DE
Content-Length: 5909
Content-Type: text/html;charset=UTF-8
Date: Tue, 09 Jan 2024 06:47:15 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=97
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-UA-Compatible: IE=Edge
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK clear.png Show response
compliance.resortscasino.com/fp/ Frame DD75 81 B
537 B 88ms
32ms XHR
image/png 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/fp/clear.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*, cigsl5rh/c33ef46ceb3cda838fe4064176fa4003b0f41c8c1f9851a8
Referer: https://www.resortscasino.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
Last-Modified: Tue, 09 Jan 2024 06:47:16 GMT
Server: Apache
Etag: e0ee40d5d9a64ef8bc0c8546b9fe4691
Content-Type: image/png
Access-Control-Allow-Origin: https://www.resortscasino.com
Cache-Control: private, must-revalidate, max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
Content-Length: 81
Expires: Sun, 07 Jan 2029 06:47:16 GMT

GET
H/1.1

204
No Content

JSUMg9UnE9ReiOTS Show response
h.online-metrix.net/ Frame DD75
Redirect Chain

https://h.online-metrix.net/JSUMg9UnE9ReiOTS?3735dab44285ee54=B_vtsdj7grmz03GLHuFtSpVTP1UBTHanexQxD1AOqgQFV0RDhBYXT1KpIVExWmh-hA6q537eegCY3hC2pHntT36Bnbl-fFWfJu0rMnTRxGvhFA2r31j3jeHiLAB2WaF9KkFYcfl...
https://h.online-metrix.net/JSUMg9UnE9ReiOTS?831c83607b9e47d5=B_vtsdj7grmz03GLHuFtSpVTP1UBTHanexQxD1AOqgQFV0RDhBYXT1KpIVExWmh-hA6q537eegCY3hC2pHntT36Bnbl-fFWfJu0rMnTRxGvhFA2r31j3jeHiLAB2WaF9xe8EtF9...

0
387 B

34ms
34ms

Script
text/javascript

91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/JSUMg9UnE9ReiOTS?831c83607b9e47d5=B_vtsdj7grmz03GLHuFtSpVTP1UBTHanexQxD1AOqgQFV0RDhBYXT1KpIVExWmh-hA6q537eegCY3hC2pHntT36Bnbl-fFWfJu0rMnTRxGvhFA2r31j3jeHiLAB2WaF9xe8EtF9H2814tlW4xAArgg&k=2

Protocol

HTTP/1.1

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
P3P: CP=IVAa PSAa
Location: https://h.online-metrix.net/JSUMg9UnE9ReiOTS?831c83607b9e47d5=B_vtsdj7grmz03GLHuFtSpVTP1UBTHanexQxD1AOqgQFV0RDhBYXT1KpIVExWmh-hA6q537eegCY3hC2pHntT36Bnbl-fFWfJu0rMnTRxGvhFA2r31j3jeHiLAB2WaF9xe8EtF9H2814tlW4xAArgg&k=2
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
Content-Length: 0

GET
H/1.1 200
OK NG5K-ltvhJWfH9VQ Show response
compliance.resortscasino.com/ Frame 99A9 92 KB
14 KB 71ms
36ms Document
text/html 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/NG5K-ltvhJWfH9VQ?cf800f7fcf258648=igrpoN_QIA1vD6NB0FzhWrdJ20OOOhBjuKVaqKMmBIyzSskHv9zaZGz41kE5SE4R4kDPSHk7RB433kW8-n2rdx7jqUvpltVyrLRaUhBwXVboXbulGl5ifVpgi1PnF6QxsGb80qCrCmKSO6bIJAv_Y7t95zwFQxZf-o6ptRw_yFlh_kedCh9aMc9t7WurZaL8XUl0XslTqE7QhQ

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

290e447097ca54178885e4b326e78a7f140d8f1a7bed519bfc94db2040d9b6c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.resortscasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 09 Jan 2024 06:47:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=96
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
No Content 3CF2HaC-Ii4e_TSB Show response
compliance.resortscasino.com/ Frame DD75 0
388 B 317ms
260ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK oYjUkaSXatXkwvD9 Show response
compliance.resortscasino.com/ Frame DD75 134 B
657 B 66ms
37ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/oYjUkaSXatXkwvD9?ef6538aac6640966=D4xZGb5ij2kk1JTqYprfGp9xzXnCBTc0IoipNWuZ-NuaLgKljvuNLZ_ja-7NAKeMD93HbLhjAg0i2OyVYrsLvzJMLjY0v_161hWxblYY3VdCSexkmQmAiEl2pXEZc7TFwnro17IozSa4cQCb

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

54621ee609b20e5eef1b3d370c9cdd2e83a224efa9dd015727d4a2a3d4410296

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK pa_4zfAdZ8gsP5Qc Show response
h.online-metrix.net/ Frame 77A2 103 KB
15 KB 98ms
39ms Document
text/html 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://h.online-metrix.net/pa_4zfAdZ8gsP5Qc?620672f3b209e93a=SHVC8G9o8W-ojn_RoAPQ8NEpi1OtnHcEuMk-QFpvjsAyJBZEe3VilIRIlKpWlLV0368NG6n7g-mqTOpXDSqg_9VWX_3fcENDJBX0RtBRo2bGmp3LliUeA06aRsukmOtQCuYsmGpP-p7i0ljr88tTuqh-b9kxBhChAntOi3prcRDZ1Tejet7gV55hDLoD4zu89-QiXS4tjCniCCY

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

7b361905ec1281e864a3aa2c26911bf3a3257d3964eb65c84eb0fb7ac9896608

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.resortscasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 09 Jan 2024 06:47:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK nmzElz2ARYCl3Jg1 Show response
compliance.resortscasino.com/ Frame 67D9 90 KB
14 KB 383ms
344ms Document
text/html 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/nmzElz2ARYCl3Jg1?c2519d5554aa6d62=wZYvcfqMyXM5JqWx4dlhMJLUpqhy2Cp23aQXAoQWAHdsQqvi06RQHMKRak8aqMwvjB00KtgJJkD9vZ0JzANfhOE0SkRbvR6putjGxhDKWJmkNtWDoi-lVIFWjh7xCg7uSc4NqDAeUNneDR56nN-zioNPwJNF-7_F7Ketqm2RFJIeipzAL5hLAIq3HB18_MysTk1EbkCmSI7B30Q

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

b679bc2df07b76f5d4691289d6923d1ae38b3daf0a9ee9dfcec1d020a77935b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.resortscasino.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Content-Encoding: gzip
Content-Type: text/html;charset=UTF-8
Date: Tue, 09 Jan 2024 06:47:16 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Keep-Alive: timeout=2, max=100
Pragma: no-cache
Server: Apache
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex, nofollow
X-XSS-Protection: 1; mode=block

GET
H/1.1 204
204 3CF2HaC-Ii4e_TSB Show response
compliance.resortscasino.com/ Frame DD75 0
218 B 52ms
36ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/3CF2HaC-Ii4e_TSB?e775dd77fd803c2e=tcSVC9Er3AJoyJA1lmDPmKn05eNGMzpA_1ZOWpYl6pB_Hm2ABeBS3_Yz4xf8z3AwSbC_lTOoSp7wi7951FBPsAZrZyfxiHyQfTeoOK_O3ZP0lBM-WkRmXRIY7QX1X1hOGW-VCRj1-gTC6BV_NtrUAQ&ja=3a3134382624633d3432247a3d363024643d3336303270333232382e61663d393e3230783130303024717a793d307832246472723d332433363238243132303824333630302e313232322e313630302e333232302c333e32302e393a30302c382432266d743f61383a306362636463353564666664643167613a3c39313437383e6039613763266d6c3f36267363643f3034246c683f607674727b2d3341253a4e2732467775772e7067716f7274736163736b6e6f2c6b6d6d273a4e736967667d722532462733466f67665f736f7570616527334445496366642d3a366d656c5761616d706369676c2731444166664152445d3330323827374041667365727c786e6163656f656e765d666f6d61696c2737462532346567645d636d79776f7a6c7125334427323677766f5f736f7570616527334445496366642d3a36757465576f656469776d2531464366664350465d33323030273f40496c7b6d727470646961656d656c745f666d6f61696e2535462530367576655d63636578616967662d31444166644350465d31303030253540496c7365707c726c636b6d6d656e7c57666f6d616b6e25354627323675746f5d636d6e7467667625314c49666643584c5d3330303225323424726c3d3326726a3d35386630306361346a6b6662653939316237333a3761673266336264623066342468683f38643837693b3337303d6931306536363131376130633737623a3a65663639362e68736d355f696e64677f712532303331266871603d4368726d6f65273230333a3226687b67753d576166666f7773246a7360773f4368726f6f67266c68633f3c246e66653538266e657c723d3026767a643f4777726f70652730464065726e616c266f697c68723d3c38323364316132626761323265366361373632303830696631373d3c3031666c3c3738383136316434676361323464613b34636662663f3033333b393936612e6c703d68747670732731432532462530447775772e706d716f707c7b63617361666d2e636f6f253244716b676e75702730462733466f6d665f71677d7263652d3b4647416164662530346f65645f63636f706369676c2d3144436e6e435044573b323030253542496c71677274706c6361656f656e7657666f6f69616e25374c2d30366d65665f6b677b756f726473273144273236777c6f5f71677d7263652d3b46474161646625303477746d5f6d676669776d25314c4366644b58445f333838322537424b6e73677076706c6163676f656c745f66676f616b662d3744253a3e77746d5f61616d72636b676e25334643666443504657313032382d374249667b677274706e6163676f676e745f646d6f616b6e25354c2732347d7c6d5f63676676656e742733444364644350445f313230322532342e723d72647d67696e576e6e61736827354564636e736521706e77676b6e5f75616c646d7f7b5f6d656c61635f706c6379657027374566616c716721726c7565616c5f636c6762655f696b706f62617625354764636c736521726e7565696e5d79776961637c696d652d3d4766616c716521726e7767696e5f716a6f616b77637e6725374d6e616c736d29726c75676b6e5f7067636c706c617b677227354564696e736729786c756761665d766c635d706c637b677225354564636c716521726477676b66576465766964747225354766616e716721706c75656b6e5d737665577469677f6d7225354d6e636c736523706c77656b6e5f6a6174632537456663647165246f645f633d7f6d60676c576762474e273030312e302730302a4f706766454c273a384553253a38302e30253030436a706d6d69756d2b556560474c273a32474e5b442532304d5b273230312c302530322a4f70656e454e25303045512d303045445b4c2532384d51253230332e302730324368726f6f6b756f2957676a4969765f6d624b697c2d3030576560474c434c454c455f696c7174636e63676c5d61707a697973253b4a273230455a545f606e676e645f6d6b6c6d637825314a2732324d50545f6367646d725f6277666667705d68616c665d646c6d6174273b402530384d58545f6e646d61745f606c656c662733422532324758565f667069655f666d787468253b4a273230455a545f716a636465725f76677876757267576e6f662d3b422532384d5a545f746778747770675f636f6d7270657173696d665d62727c6b2533422d3a324558545d74657a767772655f636d6f7070657371616d6e5d7a6f7463253b4a273230455a545f76677a747572655d64696e74657057636e6b7b6774726f786161253342273230475a565f735247402733402532324747535d6d64656d65667c5d696e6467785f776b6c742533422730304d45535d6e606f5d7a6d6e64657a576f69706d63702531402732304f45515d7376616e666970645d6c6d726976697c6b7665732733422730324f45535f7667787675726757646c6d697c2533422d3a324f45535d74657a767772655f666e6d61765f6c6b666761702d3b422532384747535f746778747770675f68616c645d666e6f61762d3142273a384f4553577c6778747570655f6a636e665f666c6d63745d6c696c6d6372273b4a253230474d515f76657074657a5d63727261795d6d62686563762d3142273a385745424f445d636f6c6d725f6077646665725f646e6f637425314a2732325f4d42474c576b6d6d707267737367665d746578747770655d6173766b2733402d3a3057454a4f4e5f636f6f707267717165645f74677a747772655d6d7663273b4a2532305f4d40474c5f616f6d727067737365645d76657a7475706d5d65766b392533422d3a32574542454c5f616d6f707265737167645d74657a7c777267577b3374632d3b40253230554542454e5d636f6d707067737165645d7c6778767d7a655f733b7c615f73726562253140273230574540454c5d6465607d655f706d666465726d7a5d696e666d253340273030574542454e5f66657076605d7467707c7572652d3b40253230554542454e5d647261775d6075646665707b2733402d3a3057454a4f4e5f6c6f71655f616d6c74657874273142273230554d40474e5765756c74615766726177333626656e5d683d3366643764646634353c3264666b3c3037653e3a6065306535346430373734363130366634303539247f656c7435416e7465642d3030496e612e2675656e723d496e76676c2732304b7a6b73273a384f7065664f4e253230476e676b6c67266363643f32&jb=393735266c733d4d6d786b6c6c61253044352c302530382a576b666c6f77732d3a324e5425303031322c32253342253032576b6e36362d3142273a38783634212d30304170726c655567604b69742530443531372e313e273232204348544d442d30432532326c696967273230476561696f2b2532324b6a726d656d253246393a322e302e3430393b2c33323925323251616461726b2d3046373b3f2e3336

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=2, max=95
Content-Type: text/javascript;charset=UTF-8

GET
H/1.1 200
OK e9QumWzVnQ6K-6tQ
cigsl5rh4cigpaokh4jobqhuamg6bd4cohjrdu2uc33ef46ceb3cda83am1.e.aa.online-metrix.net/ Frame DD75 81 B
438 B 377ms
19ms Image
image/png 91.235.134.131
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cigsl5rh4cigpaokh4jobqhuamg6bd4cohjrdu2uc33ef46ceb3cda83am1.e.aa.online-metrix.net/e9QumWzVnQ6K-6tQ?8c6de38740cfabd7=cHZ7vNULK1tU9kTmS_Nk5NOuhZl1Ojux5aSU8Qk9b8UkVGmcpMl5O8NJDQX8m7l2fiBrUDjXG7STSM3H-k-_5_tp0HZEo1bYZrWUqYZyxnitIrU7WjgmU-JjEW1vR5jywIk5AgrUtkxEcgBslIacj7ejxJ8EuXg

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.131 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png
Cache-Control: no-cache, no-store, must-revalidate
Connection: close
Content-Length: 81
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK f5sNTm422fdy96yY Show response
compliance.resortscasino.com/ Frame 019E 209 KB
29 KB 60ms
42ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/f5sNTm422fdy96yY?5c681494510d74a0=2yvgBW4tFTvYT2568gtPu5fe_Grclkw1D0WTPhgqRznTyK9OXxJvZIB42FVvbW4tR7b_5blLqt2a2l0eDCGxHcWLoObWlkj_iWztpMlj1wuelVzzwepDVieHtJUmLPYneaskmnRFh_Sh9RZusdUAOgB_JOZYEwtJYhjcekY

Requested by

Host: compliance.resortscasino.com
URL: https://compliance.resortscasino.com/MkmgI9KGsxSyMWvk?3f070dd2bfe8550e=O6TNDAjjYpy0IvpsWwpKoku1Nt_K21TzOXg0U3wsaF6S8eKUMMN2IDLhZYQ3SQrqJ2kWFbDLqJR0zUQvfSWxyfDY6xG5hu76NhAf2eoyX3deHVBayVbDO0fqVeta1ws3YOEmYSoKVFMeW_a_1F4SIw&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

15880d7f76beb16263f32b0048e67f50ca7f8029b991a49ebffd04c45fabccf1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://compliance.resortscasino.com/MkmgI9KGsxSyMWvk?3f070dd2bfe8550e=O6TNDAjjYpy0IvpsWwpKoku1Nt_K21TzOXg0U3wsaF6S8eKUMMN2IDLhZYQ3SQrqJ2kWFbDLqJR0zUQvfSWxyfDY6xG5hu76NhAf2eoyX3deHVBayVbDO0fqVeta1ws3YOEmYSoKVFMeW_a_1F4SIw&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Transfer-Encoding: chunked
tmx-nonce: c33ef46ceb3cda83
Connection: Keep-Alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Pragma: no-cache
Server: Apache
Vary: Accept-Encoding
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
X-Robots-Tag: noindex, nofollow
Keep-Alive: timeout=2, max=99
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content _pMFx18G2JVYp2j6 Show response
compliance.resortscasino.com/ Frame 99A9 0
388 B 35ms
32ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/_pMFx18G2JVYp2j6?6025bb1f4705069a=sVGr7BhSy5YqoX5-z-Z1ka6FLQlikqyrwYuYZJX52YfDNP-qeF0y2UIzy4GImnQ0x7LpX-iQUdxMArP9WDIDy7yah-vlmD54GAu4uJxLEAoqewN8l4NoE8ttY7P9ixjDdbsMrnGmKAqq8VVv8PrDoQ&jf=3b34266c73603d31323661343839366064353b3433363b3a31636e6b313462316e663064363635

Requested by

Host: compliance.resortscasino.com
URL: https://compliance.resortscasino.com/NG5K-ltvhJWfH9VQ?cf800f7fcf258648=igrpoN_QIA1vD6NB0FzhWrdJ20OOOhBjuKVaqKMmBIyzSskHv9zaZGz41kE5SE4R4kDPSHk7RB433kW8-n2rdx7jqUvpltVyrLRaUhBwXVboXbulGl5ifVpgi1PnF6QxsGb80qCrCmKSO6bIJAv_Y7t95zwFQxZf-o6ptRw_yFlh_kedCh9aMc9t7WurZaL8XUl0XslTqE7QhQ

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://compliance.resortscasino.com/NG5K-ltvhJWfH9VQ?cf800f7fcf258648=igrpoN_QIA1vD6NB0FzhWrdJ20OOOhBjuKVaqKMmBIyzSskHv9zaZGz41kE5SE4R4kDPSHk7RB433kW8-n2rdx7jqUvpltVyrLRaUhBwXVboXbulGl5ifVpgi1PnF6QxsGb80qCrCmKSO6bIJAv_Y7t95zwFQxZf-o6ptRw_yFlh_kedCh9aMc9t7WurZaL8XUl0XslTqE7QhQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK mKpCyGZuiK4kwcbV Show response
compliance.resortscasino.com/ Frame 99A9 134 B
655 B 42ms
34ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/mKpCyGZuiK4kwcbV?ad609d5c95ff89da=7r_0wwvAsUJSbo-hYJGaVXtQBcr79vSn74ZQSI1ub9ZvynttCOBPQp_vKNXKnjm6fs9GXPdDet3YMQ0b0beTf14_493sRp5VgmFIWNwvmiq2SXerp8A81WamcVe_rNz68vDfk5TDBXEEotUq&fr

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

f8cfcbab2586e33b922e03a33ee452423ee95739bc0a2d95e7d45e9262825a24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://compliance.resortscasino.com/NG5K-ltvhJWfH9VQ?cf800f7fcf258648=igrpoN_QIA1vD6NB0FzhWrdJ20OOOhBjuKVaqKMmBIyzSskHv9zaZGz41kE5SE4R4kDPSHk7RB433kW8-n2rdx7jqUvpltVyrLRaUhBwXVboXbulGl5ifVpgi1PnF6QxsGb80qCrCmKSO6bIJAv_Y7t95zwFQxZf-o6ptRw_yFlh_kedCh9aMc9t7WurZaL8XUl0XslTqE7QhQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=94
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 y-25LMJfGeXfuvPv
compliance.resortscasino.com/ Frame DD75 0
400 B 72ms
43ms Image
image/png 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://compliance.resortscasino.com/y-25LMJfGeXfuvPv?34e05a6d341ce746=aj8Rn1LjS9O5QDRwj_ClTE8IXDL2ABqoKz6cQujQIsbV-_rpwGJe0PEjR2AZMZ7NzuH8-ruJrvYBFbzmjXlDTeFk0qXdzyMBiAq5A9w-POX_Mfvg-IrMg3bZSO6MawDlhL6nvvGG4chIpy-_-hdVjnAN_PW2hbrXMJLVgNWy1V7giLRiqwHZd1SU2pfzG9n5V-revc10eQ9duw&jf=3c333626736b645f706c663d7464725d765349636a4d663a613b7a60456332412e7169645f666174673f33373034373a30383136267161665f767178653d776d6a38656364716126716b665f6b65793f31303739333239313034383f3261383e3c3a63653366303232333236303832633a36363863673b66303138393037303b3c30303030366336613431303838303732323a3561633a63313a3d3d3134336c39326564623331626064646335333263663736393363396066376a6c3536646d31313065646639623a323b32653065643b63373132326e3a61336c3c3662636c306637623966323037323165363735676331616566646c3b35613f69343238393f343061373026736b665d7369673d3132343730323038353466393a346266313a6438306264376137363033316634363662343135333d613264396d3265376c3a32326563343965303534616630643a33613b6465313932323039383065313a396631336264356132606064323763606362613933333d6032326d6b3835636d3e3039363060393431643763356339643b66343132343c3732353e3d372673616e703d30

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
204 6zt1iL7s-HJjnWme
h.online-metrix.net/ Frame 77A2 0
401 B 120ms
43ms Image
image/png 91.235.132.130
THM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://h.online-metrix.net/6zt1iL7s-HJjnWme?574ce92b8b470934=7xHaCzx6rw28aQuepB4KkBiOxM2COcc25hJxeqzgfm1WnoSs19-o1BIln2WkqrOLu7mnIn0cc1DSvxM6msm5cyI7WLjhdUCgIOe9xmJnKDM0jyQGJCFfhGySJUDc95He21ZsVF2N2msQUGq7DUcJtedyvWQEOPDhisg0RtncYOIrrFu_rx00CraRjFQPMtiDGEZVhU6E3OSQXA&jf=3c333626736b645f706c663d7464725d6e484172594860444645793f6a43617b2e7169645f666174673f33373034373a30383136267161665f767178653d776d6a38656364716126716b665f6b65793f31303739333239313034383f3261383e3c3a63653366303232333236303832633a36363863673b66303138393037303b3c30303030363635346437626661663064656633383131333632313e3462393f3937646330376465313a63666534373a3335643636303e66323b3e6b3764396c3b3537343933373566606436363633316139353239676a67303a39386635373b3b3462646233366564673a353564366160663536373b3a3765376a3c3133336931676465316726736b665d7369673d31323437303230383333633c383565616b3c6137313531373535343139613436673232353836303f6637646a6d3435373d6e326439663a666667303438343637363631633162353e3232303938303833386a336562353533623b6164643032363a63653a30323b316137676d30623937316b66623931346466663a316166356364303733303067396165666c6b332673616e703d31

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.132.130 , United States, ASN30286 (THM, US),

Reverse DNS

h.online-metrix.net

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://h.online-metrix.net/pa_4zfAdZ8gsP5Qc?620672f3b209e93a=SHVC8G9o8W-ojn_RoAPQ8NEpi1OtnHcEuMk-QFpvjsAyJBZEe3VilIRIlKpWlLV0368NG6n7g-mqTOpXDSqg_9VWX_3fcENDJBX0RtBRo2bGmp3LliUeA06aRsukmOtQCuYsmGpP-p7i0ljr88tTuqh-b9kxBhChAntOi3prcRDZ1Tejet7gV55hDLoD4zu89-QiXS4tjCniCCY
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: image/png;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=100
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1559287/log/3/ 0
251 B 103ms
37ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1559287/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=0&ssd=1&est=1704782834716&ver=36&isls=true&src=i&invt=1500&msa=18&rv=1&tim=1704782836267&vi=1704782834714&ri=6f09fbb26d2132324973877b175d3f89&ref=null&cv=20240107-6-RELEASE&item-url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1559287/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://www.resortscasino.com
pragma: no-cache
date: Tue, 09 Jan 2024 06:47:16 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1 204
No Content 3CF2HaC-Ii4e_TSB Show response
compliance.resortscasino.com/ Frame DD75 0
387 B 272ms
271ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Server: Apache
Content-Type: text/javascript
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=2, max=99
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK nujvB2th-J3ug7Bv Show response
compliance.resortscasino.com/ Frame 019E 35 B
557 B 40ms
39ms Script
text/javascript 91.235.134.24
THM

General

Check archive.org

Show headers Download Go to

Full URL

https://compliance.resortscasino.com/nujvB2th-J3ug7Bv?3b8be93b37ee5bc6=i7botQ1bYy_ZKp2E0RcoB35goZmG0cRgi8Y5ym2gltkeAnSrz8CsWYxkDNWiVonyJ3jrCuGirrYqSI0Dhn9oFLDCOLD-H8TEs1wNs3Z9zPzJRa_yT7L30cJp0Up7-qFNq1fkfLu4Unv_lrq_cgggAWtiwtGGU5WuWplXLpmXXjMtsjabLu8m2dZFmYihKt0xRJFMBTiAQduE0gcLwZNIrw&sera_parametere=BUMOAFYNAQADA1ICUFYBVQYKCwYFVwJWVAYFWlUAWVJTBgNUBFADAQZVAUUXEgVaDUNGERURBSdAVXFGUyUdAVNZQAAKUVsGCxZARlclHQQhAxZSIhEEUw0NQBcXRAt3RgRxQFFwEAcMXwRTXQReUgUFV1RVVVRQB1ZXUwdRDQVRA1JdUFJVVFJaVVUGU11SWlUVCwlaVQZYAQBQAQcMBQBWUVYFUFdbVkRZEFlRQABUUVEEBAYPAlZaBQZdWApQUwYFBlNVU1FWWlFWVlEPAwBQVgRXUFJFBAsOUlRZAAtFWlpYSwUQEwxfClpdWAAVC1gOQwQJdQsXDV4GQgNODlIBA0MEW0VeMgtdBwsWSxUAUQ4RAk5pAAQOXwEFAlMVBkcOVl8%3D&count=0&max=0

Requested by

Host: compliance.resortscasino.com
URL: https://compliance.resortscasino.com/f5sNTm422fdy96yY?5c681494510d74a0=2yvgBW4tFTvYT2568gtPu5fe_Grclkw1D0WTPhgqRznTyK9OXxJvZIB42FVvbW4tR7b_5blLqt2a2l0eDCGxHcWLoObWlkj_iWztpMlj1wuelVzzwepDVieHtJUmLPYneaskmnRFh_Sh9RZusdUAOgB_JOZYEwtJYhjcekY

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

91.235.134.24 , United States, ASN30286 (THM, US),

Reverse DNS

Software

Apache /

Resource Hash

c6fdc845da96a8d9a7ea2a44b3098336d0c79920a3bdfbd114d7868227f1511a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://compliance.resortscasino.com/MkmgI9KGsxSyMWvk?3f070dd2bfe8550e=O6TNDAjjYpy0IvpsWwpKoku1Nt_K21TzOXg0U3wsaF6S8eKUMMN2IDLhZYQ3SQrqJ2kWFbDLqJR0zUQvfSWxyfDY6xG5hu76NhAf2eoyX3deHVBayVbDO0fqVeta1ws3YOEmYSoKVFMeW_a_1F4SIw&hp=.co-operativebank.co.uk/CBIBSWeb/login.do.co-operativebank.co.uk/CBIBSWeb/start.do.de/portal/portal/x.entropay.com/basemenu/prot/x.facebook.comx.nationet.com/x.netbank.commbank.com.au/netbank/bankmainx.npbs.co.uk/netmastergoldbanking/x.nwolb.xlogin.aspx?refereridentx.rbsdigital.xAccountSummaryx.smile.co.uk/SmileWeb/login.do.smile.co.uk/SmileWeb/start.do.yandex.rux/CapitalOne_Consumer/x/easypay.by/x/sbank.ru/x53.com/servlet/efsonlinex://online.wellsfargo.com/x://secure.assist.ru/assistid/protected/main.doxabbeynational.co.uk/EBAN_ENS/BtoChannelDriverxalliance-leicesterxaltergold.com/login.phpxamericanexpress.com/myca/intl/acctsumm/emea/accountSummaryxbancaintesa.it/xbankcardservices.co.ukxbankofamerica.com/xbanquepopulaire.fr/xbnpparibas.net/xcahoot.comxcapitaloneonline.co.uk/CapitalOne_Consumer/Transactionsxcbonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagexcibc.comxPreSignOnxcibc.comxSignOnxcitibank.ru/xclient.uralsibbank.ruxco-operativebank.co.uk/CBIBSWeb/loginSpixcommerceonlinebanking.comxcoventrybuildingsociety.co.ukxdeutsche-bank.dexdiscovercard.com/cardmembersvcs/strongauth/app/sa_mainxebanking.bawag.comxebc_ebc1961xegg.com/customer/movemoneyxegg.com/customer/yourmoneyxfacebook.com/xhalifax-online.co.ukxMyAccountsxhalifax-online.co.uk/x/Mhalifax-online.co.uk/personalxhsbc.co.uk/1/2/personal/internet-banking/xhsbc.comxhttps://banking.postbank.de/app/finanzstatus.init.do;jsessionidxib.fineco.it/FinecoWeb/BonificiServletxib.fineco.it/FinecoWeb/jsp/Main/HBFineco.jspxib.fineco.it/FinecoWeb/jsp/Main/Principale.jspxibank.alfabank.ruxin-biz.it/xipko.plxlibertyreserve.com/x/historylibertyreserve.com/x/loginwww.libertyreserve.com/x/Core.jswww.libertyreserve.com/x/transfer.libertyreserve.com/x/commonscript.jslloydstsb.co.uk/personal/a/account_overview/xmbna.co.ukxmenyala.ruxmoney.yandex.ruxmoneybookers.com/app/login.plxmoneymail.ruxmy.ebay.co.uk/ws/eBayISAPI.dll?MyEbayxmy.ebay.com/ws/eBayISAPI.dll?MyEbayxmy.ebay.fr/ws/eBayISAPI.dll?MyEbayxmybusinessbank.co.ukxnationet.com/AppServices/SignOn/SignOnProcess/RcaSignOnxnpbs.co.ukxnwolb.com/AccountSummaryxnwolb.com/Statementsxnwolb.com/TransfersLandingPagexoltx.fidelity.com/x/x/ofsummary/summaryxonline.lloydstsb.co.ukxonlinebanking.mandtbank.com/summary/AccountSummaryxpassport.yandex.ruxpaypal.com/x/cgi-bin/webscr?cmd=_accountxpaypal.com/x/cgi-bin/webscr?cmd=_login-done&login_access=xpaypal.com/us/cgi-bin/webscr?cmd=_login-done&login_access=xposte.it/xpsk.co.at/xsecure.lloydstsb.co.uk/personal/a/account_overviewxsmile.co.uk/SmileWeb/passcodexusaa.com/xusbank.com/internetBanking/RequestRouter?requestCmdId=Gxwachovia.comxybonline.co.uk/ralu/reglm-web/setupSecurityQuestionPagex.amazon.fr/xhistory/orders/view.htmlx.banquepopulaire.frxShowPortal.dox.bnpparibasfortis.bexHome_Logon.aspx.cdiscount.com/Account/Home.aspxx.cmb.frxaccueil.jspx.credit-agricole.frxentreeBam?sessionSAGx.labanquepostale.fr/xreleveCPP-releve_ccp.eax.secure.bnpparibas.net/NSFR?Actionx.secure.lcl.frxAccueilxcredem.it/OneToOne/ebank/functionsxmijn.ing.nl/xonline.ybs.co.ukxwww.discover.com/xorder.cdiscount.comxCustomer.aspxxsealinfo.verisign.com/splash?form_filexvos-comptes.credit-du-nord.fr/CDC_TableauDeBord_0.asp?xvoscomptesenligne.labanquepostale.frxwww.x.caisse-epargne.fr/Portail.aspxxwww.exabanque.netxonglet.phpxdeutsche-bank.de/xnorisbank.de/xpostbank.de/xtargobank.de/x.x.de/portal/x.bankofamerica.com/x/commonscript.js.bmo.com/OLB?id=x.bmo.com/RMC?id=x.chase.com/x.aspxx.chase.com/js/Reporting.jsx.koodomobile.com/account/selfserve/x/xaccountId=x.payment.ru/x.scotiabank.com/portal/index.jsp?xbancopopular.es/empresasxcreval.it/login2007/loginSiciliano.aspxfirst-direct.com/xipko.plxmybusinessbank.co.ukxsanpaoloimi.com/xulsterbankanytimebanking.x/login.aspxx
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Jan 2024 06:47:16 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Transfer-Encoding: chunked
Content-Type: text/javascript;charset=UTF-8
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive, Keep-Alive
Keep-Alive: timeout=2, max=98
X-XSS-Protection: 1; mode=block
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 web-widget-chat-incoming-message-notification-1bfc6fa.js Show response
static.zdassets.com/web_widget/classic/latest/ Frame 4A1A 236 B
581 B 20ms
18ms Script
application/javascript 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/web-widget-chat-incoming-message-notification-1bfc6fa.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/classic/latest/web-widget-main-1bfc6fa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
x-amz-version-id: vFeMRdO_ves3AqXqcJa51X.kBsGbKmeW
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: A4N17FH4T4Q3T2FA
age: 3038302
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: jj3IJP8SG1qYvE4k5/yGOQQcVY1t9fS2FwFAUdl7K5931Xd3flm5WF8IJiZ/yy12ah/e+h8TsYA=
last-modified: Tue, 05 Dec 2023 00:24:10 GMT
server: cloudflare
etag: W/"77bb07ca171e3ff2b72a7dafa7822bc8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t2wcOptCJ4qjZrrDNbUQTPFZqZXyGwoHE0p2cyHpIv7qjtmmBe%2BbN49bg67%2BXDy98Hq4CWtaYc%2BVop2hf9a2PZszIMrFne9X34Y2SSxMnDKxwQ%2B7xFbWNZg6nVGL6xgx8bVUKQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba5a5d7d9004-FRA
expires: Wed, 04 Dec 2024 00:24:09 GMT

GET
H2 206 fda6cd35495c75f83508d9d2e77ee33d.mp3
static.zdassets.com/web_widget/classic/latest/ Frame 4A1A 19 KB
20 KB 22ms
19ms Media
audio/mpeg 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/classic/latest/fda6cd35495c75f83508d9d2e77ee33d.mp3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 09 Jan 2024 06:47:16 GMT
x-amz-version-id: 7mQmj5CjPPHXphZWB9MwFHsB8G6GZRZR
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: HT3YBWDSMX7GGWKJ
age: 3547140
x-amz-server-side-encryption: AES256
Content-Range: bytes 0-19697/19698
x-amz-replication-status: COMPLETED
Content-Length: 19698
x-amz-id-2: u4rjVl6bznOFELXxWcdEy4cxf3HS8QD5+1jVYrU8pTGZTnnUMyhwdvSjilQjVnwTrzYblOccmBE=
last-modified: Tue, 26 Sep 2023 06:59:46 GMT
server: cloudflare
etag: "f11ce9e8f40a392830217253fe75d6de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alVAr%2FqH4PJkE8yAyCGCZyoU7Cz2beGpbt0eMYFrJ%2Bjs4jJMLcBbyGHb0YFQjmFcgxKUDBBO%2BLb%2FFbYqTxrUJzVLJFEB5MqhU3SsMf%2FGyVVaTfIEclXfS1ekObu4XA7v55xVLzQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: audio/mpeg; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 842aba5abdb99004-FRA
expires: Wed, 25 Sep 2024 06:59:45 GMT

GET
H2 204 unip Show response
trc-events.taboola.com/1559287/log/3/ 0
250 B 18ms
17ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1559287/log/3/unip?en=pre_d_eng_tb&tos=4552&scd=0&ssd=1&est=1704782834716&ver=36&isls=true&src=i&invt=3000&msa=18&rv=1&tim=1704782839268&vi=1704782834714&ri=6f09fbb26d2132324973877b175d3f89&ref=null&cv=20240107-6-RELEASE&item-url=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1559287/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

access-control-allow-origin: https://www.resortscasino.com
pragma: no-cache
date: Tue, 09 Jan 2024 06:47:19 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 40ms
40ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-FQ0H43EGGW&gtm=45je4130v881813852&_p=1704782834318&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=93025494.1704782835&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1704782834&sct=1&seg=0&dl=https%3A%2F%2Fwww.resortscasino.com%2Fsignup%2F%3Fmed_source%3DGAaff%26med_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26med_keywords%3D%26utm_source%3DGAaff%26utm_medium%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_campaign%3DAffCPD_3000%7BInsertplacement_domain%7D%26utm_content%3DAffCPD_3000%26med_asset%3DAffCPD_3000%26promo_id%3DVIP20&dt=Sign-up%20-%20ResortsCasino.com&en=scroll&epn.percent_scrolled=90&_et=28&tfd=8196
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-FQ0H43EGGW&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.resortscasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.129 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Jan 2024 06:47:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.resortscasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: datplus.springserve.com
URL: https://datplus.springserve.com/px/tag/288?

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

88 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.resortscasino.com/	1969-12-31 23:59:59	Name: LG_WEB_VW Value: casinoresorts
www.resortscasino.com/	1970-01-21 02:18:38	Name: LG_CU_INF Value: USD\|ResortsCasino\|ResortsCasino\|EN\|US\|\|0.0\|casinoresorts\|\|\|\|
www.resortscasino.com/	1970-01-20 18:16:14	Name: LG_FPG_TRK Value: "2024-01-09 06:47:13\|www.resortscasino.com\|/signup/?med_source=GAaff&med_campaign=AffCPD_3000%7BInsertplacement_domain%7D&med_keywords=&utm_source=GAaff&utm_medium=AffCPD_3000%7BInsertplacement_domain%7D&utm_campaign=AffCPD_3000%7BInsertplacement_domain%7D&utm_content=AffCPD_3000&med_asset=AffCPD_3000&promo_id=VIP20\|"
www.resortscasino.com/	1970-01-20 18:16:14	Name: LG_MED_TRK Value: "GAaff\|AffCPD_3000\|AffCPD_3000{Insertplacement_domain}\|\|2024-01-09 06:47:13\|"
www.resortscasino.com/	1970-01-21 02:17:12	Name: csrftoken Value: I7guItuOfjpDzpUNZZofdZKPcIo8qefuA8XpDfcBJumqnC0HpHCbI7pGEkLEfQVF
www.resortscasino.com/	1969-12-31 23:59:59	Name: sessionid Value: nbnj7pvpblmdlrdfql32r1poxfadht89
.resortscasino.com/	1970-01-20 17:33:04	Name: __cf_bm Value: UlAnyO2vvlY5mmZvg9CtBqTUKmlErbej6W527PCevy0-1704782833-1-AVmNN7BL4/VGeRuDTA9/IBF1NG9kVIvSgTmDTgfS88sYe27jNY48x0bxfBbI+Wi2rUDhTv1y8v4dY8Ss8x3i80s=
.resortscasino.com/	1969-12-31 23:59:59	Name: __cfruid Value: 47deef418e9a50d10c94ec7aaaa81f8b6b8b6cec-1704782833
www.resortscasino.com/	1970-01-20 17:34:29	Name: DAPROPS Value: "sdevicePixelRatio:1\|bjs.deviceOrientation:0\|sdeviceAspectRatio:1600/1200\|sjs.webGlRenderer:Intel Iris OpenGL Engine\|sscreenWidthHeight:1600/1200\|srendererRef:02230601228\|saudioRef:4143271754\|sversion:1.9.1\|bE:0"
.resortscasino.com/	1970-01-20 19:42:38	Name: _gcl_au Value: 1.1.1879548916.1704782834
.adnxs.com/	1970-01-20 19:42:38	Name: uuid2 Value: 2229224967483563646
.simpli.fi/	1970-01-21 02:20:05	Name: suid Value: 03762F51FF22484A87746FB6F10A0918
.smadex.com/	1970-01-21 02:11:26	Name: smxtrack Value: 198bd913-47e6-45b6-a4f9-cf5d3b708dba
www.resortscasino.com/	1969-12-31 23:59:59	Name: SG_CLI_FGPR Value: 3915540884
.resortscasino.com/	1970-01-21 03:09:02	Name: _ga_K0JNZQ9WRQ Value: GS1.1.1704782834.1.0.1704782834.0.0.0
.resortscasino.com/	1970-01-21 03:09:02	Name: _ga_FQ0H43EGGW Value: GS1.1.1704782834.1.0.1704782834.60.0.0
.smadex.com/	1970-01-20 17:54:38	Name: smxdc Value: 1
.resortscasino.com/	1970-01-21 03:09:02	Name: ol-OL_Tracking_ID Value: @OL@7292abf9410da1bbefb3c8200db9
.resortscasino.com/	1970-01-21 03:09:02	Name: ol-OL_LIB_INSTALL_TIME Value: 1704782834739
.resortscasino.com/	1970-01-21 03:09:02	Name: ol-OL_APP_CLEAN_INSTALL_TIME Value: 1704782834739
.resortscasino.com/	1970-01-21 03:09:02	Name: _ga Value: GA1.2.93025494.1704782835
.resortscasino.com/	1970-01-20 17:34:29	Name: _gid Value: GA1.2.654988512.1704782835
.resortscasino.com/	1970-01-20 17:33:02	Name: _gat_UA-59913499-1 Value: 1
.resortscasino.com/	1970-01-20 17:33:03	Name: ol-OL_Session_Id Value: 19ac20e5-54e4-473a-8111-bea7f0d1d7b3
.resortscasino.com/	1970-01-20 17:33:03	Name: ol-OL_Phash Value:
.resortscasino.com/	1970-01-21 02:18:38	Name: _hjSessionUser_88150 Value: eyJpZCI6IjU2ZTlkNWRkLTUyYzItNTIzYy04YjIyLWI1M2Q3MWE3ZGE3OSIsImNyZWF0ZWQiOjE3MDQ3ODI4MzQ5MDIsImV4aXN0aW5nIjpmYWxzZX0=
.resortscasino.com/	1970-01-20 17:33:04	Name: _hjFirstSeen Value: 1
.resortscasino.com/	1970-01-20 17:33:04	Name: _hjIncludedInSessionSample_88150 Value: 0
.resortscasino.com/	1970-01-20 17:33:04	Name: _hjSession_88150 Value: eyJpZCI6IjlmZjVhZGEwLTAyZTUtNGRkMi1hZmM0LTUyNGJlNGM3YTJkZCIsImMiOjE3MDQ3ODI4MzQ5MDMsInMiOjAsInIiOjAsInNiIjoxfQ==
.resortscasino.com/	1970-01-20 17:33:04	Name: _hjAbsoluteSessionInProgress Value: 0
www.resortscasino.com/	1970-01-21 03:09:02	Name: _tq_id.TV-453672-1.65ff Value: c4f38a441ab214fc.1704782835.0.1704782835..
.doubleclick.net/	1970-01-21 02:54:38	Name: IDE Value: AHWqTUlgm6ECvuSLuThKC5dB9n5JpjDzFDO3p_N3yaPbqB7knCS8IGOzMqqWITXuLlU
www.resortscasino.com/	1969-12-31 23:59:59	Name: SG_CLI_DVC_ID Value: 3915540884
.yahoo.com/	1970-01-21 02:19:00	Name: A3 Value: d=AQABBPPrnGUCEP_tqjnQkLlP-nQEDpamunsFEgEBAQE9nmWmZeATyiMA_eMAAA&S=AQAAApYc4HNdns7WdmxKm-2La0g
.adform.net/	1970-01-20 18:17:41	Name: C Value: 1
.adform.net/	1970-01-20 18:59:26	Name: receive-cookie-deprecation Value: 1
www.resortscasino.com/	1970-01-21 02:18:38	Name: LG_CU_CHA Value: \|/signup/\|\|01/09/2024 1:47 a.m. \|\|\|
.resortscasino.com/	1970-01-20 17:33:06	Name: _no_tracky_101132698 Value: 1
.adform.net/	1970-01-20 18:59:26	Name: uid Value: 5719941488255713482
www.resortscasino.com/	1969-12-31 23:59:59	Name: threat_metrix_session_id Value: 8fe4064176fa4003b0f41c8c1f9851a8
compliance.resortscasino.com/	1970-01-21 03:09:02	Name: thx_guid Value: 042c50842a0fcdbdf8e0d2d8bae231e8
compliance.resortscasino.com/	1970-01-21 03:09:02	Name: tmx_guid Value: AAzs_NR2nF8KfUEE8RgBTVCq3MW5OFingdjHVXV8jHu9hVnYGCzgdLfRItGih1fWKwXJJp8GELa84pFfCx8TwqKPN-IEog
.simpli.fi/	1970-01-20 17:43:07	Name: uid_syncd_secure Value: true
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-App Open Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Feedback Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Location Prompt Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Location Settings Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Manual Location Settings Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Manual Notification Settings Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Notification Prompt Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Notification Settings Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 1 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 2 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 3 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 4 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 5 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 6 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 7 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 8 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement 9 Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement A Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement B Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement C Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement D Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement E Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Placement F Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Push Open Value:
.resortscasino.com/	1969-12-31 23:59:59	Name: ol-OL-Content-Store Launch Value:
.connextra.com/	1970-01-21 02:18:38	Name: ResortsAtlanticCity Value: P%7Cregstart%7C1%7C202401090647
.connextra.com/	1970-01-21 02:18:38	Name: CxtId Value: dca115bf-3163-443b-846a-a92ed252c7dc
.tapad.com/	1970-01-20 18:59:26	Name: TapAd_TS Value: 1704782835976
.tapad.com/	1970-01-20 18:59:26	Name: TapAd_DID Value: e6759c6e-dbcf-4392-a741-aba75d1d604c
.adnxs.com/	1970-01-21 03:09:02	Name: XANDR_PANID Value: aNh7fWCfkBXbRK-M46u3cXkGQXchUfqkHTlzxnKScti2XxAh6sy0F3nP_4dXYqRQ5Z1xs1HxmkWNSJX_4NlH_1GRIh_SvbtzXzBVMDriCl0.
.adnxs.com/	1970-01-20 19:42:38	Name: anj Value: dTM7k!M4.FEVNsVF']wIg2IlawY_PD!fsuh+5T_NpDj>lih.1^3O*oKIakVuJ$/V/^vY4+3O4uJJ+x-]4Ko(0^ZebzuoI(6+I'sZ!2>h9/+0J2!/s8F#ts[)
.1rx.io/	1970-01-21 02:18:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-052b6881-52d7-4f34-9541-106b3379dde0-003%22%7D
.tapad.com/	1970-01-20 18:59:26	Name: TapAd_3WAY_SYNCS Value:
.agkn.com/	1970-01-21 02:18:38	Name: ab Value: 0001%3AxtOmJHS33fw8eKaLVZTV7%2F4fqoGJd%2BqU
.bluekai.com/	1970-01-20 21:55:07	Name: bku Value: blx99wEg7sP+Gu6m
.bluekai.com/	1970-01-20 21:55:07	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwE9pBpR0HMDhHAR01MxTBWWTBpz6BAjYBARh1WWymEWT9y9AFQ+L
widget-mediator.zopim.com/	1970-01-20 17:43:07	Name: AWSALBCORS Value: ePm1Kefq6s4nW6j+9Zj1FKFM4yBA3q9rsXA/19INTltfZPXTGOaV/hGsA2lzAm2WmrQqFWAC5HDwvcDtdnDUir9r4ZtEmRAVkeeb3fM/s+RBUYebtfhtQ+SWwWnu
.pro-market.net/	1970-01-20 18:16:14	Name: anHistory Value: "iizm1j4ur8ez+2+!#7%.!*##br"
h.online-metrix.net/	1970-01-21 03:09:02	Name: thx_global_guid Value: c170bb87210e4da7ae377b4a31df83e1
.bfmio.com/	1970-01-21 02:18:38	Name: __141_cid Value: 03762F51FF22484A87746FB6F10A0918
.bfmio.com/	1970-01-21 02:18:38	Name: __io_cid Value: 6c4ea7b665f651d576a2ac16dc92310ed2025768
.pro-market.net/	1970-01-20 21:52:14	Name: anProfile Value: "iizm1j4ur8ez+1+1f=1+1g=1+1j=41+rs=s+rt=2A0104A0002B00000000000000000006+s2=(s6zeus)+vm=24-03762F51FF22484A87746FB6F10A0918:53-CAESEO8WF6MG0ZpkEw2ZwrHoGow"
.agkn.com/	1970-01-21 02:18:38	Name: u Value: C\|0AAAAAAAALS-odAAAAAAA
.targeting.unrulymedia.com/	1970-01-21 02:18:38	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-052b6881-52d7-4f34-9541-106b3379dde0-003%22%7D
.resortscasino.com/	1970-01-21 02:18:38	Name: __zlcmid Value: 1JjmPMg4lplGJVS

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
deprecation	warning	URL: https://www.resortscasino.com/static/javascripts/compiled/casinoresorts/main.min.js?rev=3.20.5(Line 2) Message: Listener added for a synchronous 'DOMNodeInserted' DOM Mutation Event. This event type is deprecated (https://w3c.github.io/uievents/#legacy-event-types) and work is underway to remove it from this browser. Usage of this event listener will cause performance issues today, and represents a risk of future incompatibility. Consider using MutationObserver instead.
network	error	URL: https://datplus.springserve.com/px/tag/288? Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://secure.adnxs.com/seg?add=5150196&t=1 Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://resortactracksdk.optimove.net/piwik.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=03762F51FF22484A87746FB6F10A0918 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=03762F51FF22484A87746FB6F10A0918 Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=03762F51FF22484A87746FB6F10A0918 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	ALLOW-FROM HTTPS://CL.KGMSRV.COM/ ALLOW-FROM HTTPS://CL.KGMSRV.COM/

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a2.adform.net
aa.agkn.com
bcp.crwdcntrl.net
broadbeam-5-adswizz.attribution.adswizz.com
cdn.otherlevels.com
cdn.taboola.com
ce.lijit.com
cigsl5rh4cigpaokh4jobqhuamg6bd4cohjrdu2uc33ef46ceb3cda83am1.e.aa.online-metrix.net
clients.getscaled.com
cm.g.doubleclick.net
cm.smadex.com
collector-562.tvsquared.com
compliance.resortscasino.com
connect.facebook.net
d.agkn.com
datplus.springserve.com
eb2.3lift.com
ekr.zdassets.com
fei.pro-market.net
geo-tracker.smadex.com
go.affec.tv
googleads.g.doubleclick.net
h.online-metrix.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
in.getclicky.com
js-api.otherlevels.com
js-content.otherlevels.com
loadm.exelator.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
region1.google-analytics.com
resortactracksdk.optimove.net
resorts.zendesk.com
s.ad.smaato.net
s.yimg.com
s2.adform.net
script.hotjar.com
sdk-cdn.optimove.net
secure.adnxs.com
simplifi.partners.tremorhub.com
sp.analytics.yahoo.com
stags.bluekai.com
static.getclicky.com
static.hotjar.com
static.zdassets.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.bounceexchange.com
tag.simpli.fi
trc-events.taboola.com
trc.taboola.com
tsmtpclick.com
um.simpli.fi
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.resortscasino.com
zz.connextra.com
datplus.springserve.com
104.102.33.171
104.16.179.60
104.16.51.111
104.18.70.113
107.154.132.121
108.157.4.72
13.248.245.213
141.226.228.48
142.250.185.130
142.250.186.34
151.101.193.44
18.173.233.79
18.245.60.10
18.66.112.102
18.66.97.53
185.167.164.39
199.187.172.5
2001:4860:4802:32::36
2001:4860:4802:34::36
209.124.85.247
212.82.100.181
216.52.2.30
2600:1901:0:8eee::
2600:1f18:612b:4232:8e14:fb12:eab5:43f8
2600:9000:211e:8c00:1b:5138:8a40:93a1
2606:4700::6811:626c
2a00:1288:80:807::2
2a00:1450:4001:80e::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:828::2004
2a00:1450:4001:82a::200e
2a00:1450:400c:c00::9d
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.123.94.79
3.136.125.130
34.111.113.62
34.120.253.250
34.215.99.216
35.157.249.250
35.201.79.141
35.204.158.49
35.234.162.151
35.244.159.8
35.244.174.68
37.157.5.73
37.252.171.53
46.228.174.117
52.17.110.172
52.44.250.119
52.49.23.84
52.89.23.110
54.194.142.151
54.76.237.168
54.78.254.47
69.173.144.138
72.246.169.24
91.235.132.130
91.235.134.131
91.235.134.24
04208ea43b2b51c5a05863fdb5f4c248125040d4cbb9deed84e2b3a557e6ebda
051d2a68df2b537c8b63f1237519ae44a2148a4ef76ce93750f80d16128c2f8e
0667094730c910ca2134e354646ba6c7e5b7c4bd3a882b35ab466387f7f3689e
066ecc231bdde1a2949331b7218f0b49fd09905886f44d54201e6b50be569f6a
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bacdb548e164cf35287770db84873bbb8d2da7f85a04fb4ba9c8b692d773fd1
0e4b1e428a2198ef747010c094101c257b568a97cdcc0f31ed5e9868cc835b39
1286879e461d713585a76ee3e422d862060c3bfda30097e242660ddfb084aa1b
12c7cc1a1ae1e5c52e53c169b3038a4b7ca0a207df0193b349ef9e4661756d1f
15880d7f76beb16263f32b0048e67f50ca7f8029b991a49ebffd04c45fabccf1
15c53b41755b7dbbf631697798b043b1eb429674afb2580b605d468c7f8593b7
24ed6671978ad2dcceb01b7dc2da1dfff7b78e020226faf64cb5ac83617665a7
27bc4fec5ee42fd1438fc4ce0f5ec547f949ee8f5f4753bfb9e6e38962756b68
290e447097ca54178885e4b326e78a7f140d8f1a7bed519bfc94db2040d9b6c8
2e6cf6ec81679a6fd81a79adb28d30fb24ca8712023ac1721fbe26441ce430c7
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f9392bfe29ae4a6b417d8d07f0e2b63a02c3336d061ba2214af8abe58f12877
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
33d232a0ad874c69bd4a9f24dd74f4576f14b64dae289cd7eb759c802191e633
34fe5baf32720c554475c55bd1505cf5e84783c4456ce67c65aa43607508c4ca
372121a2efdc742ffc6fb84b5f5b3f857316fd82d27c7ace767c299b4834e058
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
480b06b23e574b4bf386fde1a91145a4171f97aeb5ee800e4be1850f29b1ad91
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cd33d45182f7478db0c54f285c7f57a4c00065d19d5eba6c299d5d624184370
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5415326eeb1895aa8b63ba1199e43c5d16b54c3c22ef286e4a46f603121eec8b
54621ee609b20e5eef1b3d370c9cdd2e83a224efa9dd015727d4a2a3d4410296
5ba29f9f342c18191f7170127613f80ae12418f65fea4aa4844fff528862c845
5fc7c56821ed5ac0a40aecde186c558d6b846831cbd483f434ed862fd1b955c7
6030ece81c7d2ae0cb07047959420c973d5fc67ff6215968e61af86f8f9a383d
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
66500550e48a6abc5bd9c051226c62135d6d142e7464d3c19d7990746291920a
6a393fa0deff75c761b596183b83ecfb6aecbd3788c298130073a1b98cd91585
7a8a584c850b3d65d4184b1111932560a757f12cd689f5441170c07c3975e6ab
7b361905ec1281e864a3aa2c26911bf3a3257d3964eb65c84eb0fb7ac9896608
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87aa0db99819433799e0809f0e7b490be1940f744e701321b7f31e09a7da63a2
885ab9db27d62a92a91f1bb8fa1dcc9ffd1da8512f32f8af2f9d452587d940ae
8b383920bd7e1d8a93b2eefa47b5f8dde56ff0f8db69d414da5c14eba7cc8066
912a88846bb5ac2cb80ba50d758c16dd81b176431aaaa88ad27649265da97136
95518cbec0d55a574a9c8ef72a2a7d62ac0d40a4de5dfe67a76a7d214dc8b743
965cba95c928e95003ce37271090406eaa7d5c2d955230a785b2b3be8a9a17f5
9741f6dbbed8620d7a1e1af61d4b31a3ae6dda8c1f4ca48cd6dec5a776d065f7
97e5b0b6cfc2ba9815028429c069631ba12b294aa7419d1ea130accd0adc2d46
981e9dbd0169453bdef25e3118a3fe7b6b3d8f5b646da2439214fc5f0aa1d077
99c28ba77690124b83aea8cdbbb17ab1145ba247c791aeb4bad747b4248ac459
9e067a51888228d1fbef821e1548478a4c39a4886df22e002c0640549a650a4c
9f22f6e9d4852f8be0706b62fbd0eba20f6cb56171def5e387b2d95fcd07df01
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a231e0c02ad917ff91617656d5c03d1bec42c77d8a99a5494e7480e628b2a486
a29e4af6aa6a95982d1092a20f0068173b9a9d5df0a89bc99da556aebec3ce54
a3ab3f8aa7752aea21b15dc68b6fa9859d3b3bb4e2476e0d1bff980eb5f39f46
a463aa6666ce0abcabf8033013cfe881fdbfb570389aff471d400a45b3a496d4
a48fd35c61908d912b5ac9e1face12e0962a0d9ecc8679e87db4031697cec54e
aec10ed4786a967d972236584c6925194567c19572110d64e2ea63b727c529b0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b16a09a6c172f1def0e126c2631a862d3cdc503ec6bf09b69c4d51817ed2aa7a
b1ff344c29dfe132c4d5663981d939562a86bed8413984f812c02a6a3bae80a4
b5b925e013f65c57512f3b8fc1aff6f57541e59c0e5b8635fa8c45da4ef63c89
b679bc2df07b76f5d4691289d6923d1ae38b3daf0a9ee9dfcec1d020a77935b9
b8b213373c49a311f1200af0708d87166b94db6fae492576dc4b8cd7519dce3b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb36a15b39954e4d96f71edb31a886e40d4adf623c8d6b4532957bd39cafd4d2
bcbad34cb83db532affa31ba77436a63686936eb43376880022152a58bd9cf45
c07a1ff7aa4100e7246ce4a9c8b633648ec12addd93fcf1a51a5c728d5dadb0e
c6fdc845da96a8d9a7ea2a44b3098336d0c79920a3bdfbd114d7868227f1511a
c93b5f9c2d83611b9a9ba0333b0b499b385cdce2aee9edaac6daf8a134cf5555
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14974aac0633678cfb9d8c21bae04a1616d7f225bdfa4b5fca75e17f49ef7b9
dac79d2bf18dfa4dc8ef564e35de01d65919baec579f0a7705ac54e4336c769a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10ac8e6f76747c1475e8d310c109e553207bde8f24601414b26845fe525606e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8ff93a0afcec29e7a03cbf2d81aa8b8d7a328e9a91c633c43ba237b939d04aa
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0682c5bcb9a2e1a7a27212c0fcebe713d653ad64e32742d4a4dbea937bb6bb7
f0802818040a298f240cc7a1dd6bf398b19981a52a6fa113eb7f8d058ef68128
f0c71e3da5b3fcab3c66af1cf0cdbf262c97b9330b7b37116f1ae2ab18bdc660
f1cb57eab48e93e07eaa3e64ff0cc810c1cdd27a7534008efcb81f0712115cb8
f316739766275db3a4f67a4efe73909192d17012ed02151d75a27552a7535062
f5d05d39d2219564f1c00ecffa0f75c63e2dd6083795cfc7fbaae5c133c8c73d
f6049c45c583f228c92390657a29242854f7fe5f138dab862a146c08d3c40a55
f76ba93a0ba83b8293fec79374fba39a5b44bbafe99ea2b5e97f067e87dc7c55
f7bd009e361a96129158c60dc57080f487ab887129889c28b0bb84c95f934d57
f8cfcbab2586e33b922e03a33ee452423ee95739bc0a2d95e7d45e9262825a24
fb8032c6d54e10e902616320a7214dbf15a76b71358b328e8e3c450eb99f332c

www.resortscasino.com Open in urlscan Pro 104.16.179.60 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

140 Requests

81 %HTTPS

25 %IPv6

48 Domains

69 Subdomains

55 IPs

8 Countries

2401 kBTransfer

8253 kBSize

88 Cookies

3 Outgoing links

Page URL History

Redirected requests

140 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.resortscasino.com Open in urlscan Pro
104.16.179.60 Public Scan

Screenshot
Live screenshot

Full Image

140
Requests

81 %
HTTPS

25 %
IPv6

48
Domains

69
Subdomains

55
IPs

8
Countries

2401 kB
Transfer

8253 kB
Size

88
Cookies

140 HTTP transactions
0 data transactions