www.wintergreenresort.com Open in urlscan Pro
2606:4700:10::6814:c16c Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://links.email1.ascent360.org/els/v2/EZbAS6rN3wQx/TEJhTWZTZ25QUlIvRm44WXFVcjhxYThpaFBTQ3pIVmp4NG5PZ0l3WmUwTGozSFRoUnhDallwelIz...
Effective URL:
https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=...
Submission: On December 25 via manual (December 25th 2021, 6:59:46 pm UTC) from US — Scanned from CA

Summary HTTP 79 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 25 IPs in 3 countries across 25 domains to perform 79 HTTP transactions. The main IP is 2606:4700:10::6814:c16c, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.wintergreenresort.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 29th 2021. Valid for: a year.

This is the only time www.wintergreenresort.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.60.182.80 52.60.182.80	16509 (AMAZON-02) (AMAZON-02)
1 34	2606:4700:10:... 2606:4700:10::6814:c16c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	199.125.15.90 199.125.15.90	46089 (AS2-NAVIS) (AS2-NAVIS)
2	2606:4700:10:... 2606:4700:10::6816:227f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::622 2a04:4e42::622	54113 (FASTLY) (FASTLY)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
1	2606:4700::68... 2606:4700::6810:5e41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	184.29.128.222 184.29.128.222	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2607:f8b0:400... 2607:f8b0:4006:822::2008	15169 (GOOGLE) (GOOGLE)
1	52.173.149.65 52.173.149.65	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	142.250.64.98 142.250.64.98	15169 (GOOGLE) (GOOGLE)
4	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
2	65.8.249.81 65.8.249.81	16509 (AMAZON-02) (AMAZON-02)
1	2620:1ec:49::70 2620:1ec:49::70	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f01... 2a03:2880:f012:8:face:b00c:0:1	32934 (FACEBOOK) (FACEBOOK)
2	3.96.5.142 3.96.5.142	16509 (AMAZON-02) (AMAZON-02)
1 2	68.67.178.10 68.67.178.10	29990 (ASN-APPNEX) (ASN-APPNEX)
2	2607:f8b0:402... 2607:f8b0:4023:1404::9d	15169 (GOOGLE) (GOOGLE)
2	52.239.221.68 52.239.221.68	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2607:f8b0:400... 2607:f8b0:4006:820::2002	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
3	20.84.22.197 20.84.22.197	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 2	40.91.78.9 40.91.78.9	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	2a03:2880:f11... 2a03:2880:f112:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2607:f8b0:400... 2607:f8b0:4006:807::2004	15169 (GOOGLE) (GOOGLE)
1 5	35.186.226.184 35.186.226.184	15169 (GOOGLE) (GOOGLE)
2 2	107.178.246.49 107.178.246.49	15169 (GOOGLE) (GOOGLE)
79	25

1 52.60.182.80 (Montreal, Canada) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-60-182-80.ca-central-1.compute.amazonaws.com

links.email1.ascent360.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2606:4700:10::6814:c16c (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.wintergreenresort.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.125.15.90 (United States)

ASN46089 (AS2-NAVIS, US)
PTR: ncdb.hil.us.thenavisway.com

www.navistechnologies.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:227f (United States)

ASN13335 (CLOUDFLARENET, US)

media.guestdesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::622 (United States)

ASN54113 (FASTLY, US)

e.issuu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5e41 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 184.29.128.222 (Edison, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a184-29-128-222.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.173.149.65 (Des Moines, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ui.customsearch.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.64.98 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s31-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2607:f8b0:4006:821::200e (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.8.249.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-8-249-81.mia3.r.cloudfront.net

sc-static.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:49::70 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:8:face:b00c:0:1 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.96.5.142 (Montreal, Canada)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-96-5-142.ca-central-1.compute.amazonaws.com

www.sc.pages08.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pages08.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.67.178.10 (Secaucus, United States) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4023:1404::9d (Columbus, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.239.221.68 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

hosteduxprod.blob.core.windows.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:820::2002 (United States)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81e::2003 (United States)

ASN15169 (GOOGLE, US)

www.google.ca	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.84.22.197 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

f.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 40.91.78.9 (United States) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f112:83:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:807::2004 (United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 35.186.226.184 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 184.226.186.35.bc.googleusercontent.com

tr.snapchat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.246.49 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 49.246.178.107.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	wintergreenresort.com 1 redirects www.wintergreenresort.com	3 MB
6	clarity.ms 1 redirects www.clarity.ms f.clarity.ms c.clarity.ms	25 KB
5	snapchat.com 1 redirects tr.snapchat.com	2 KB
4	mathtag.com pixel.mathtag.com	4 KB
3	google.ca www.google.ca	762 B
3	google.com analytics.google.com www.google.com	1009 B
3	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	tapad.com 2 redirects pixel.tapad.com	889 B
2	facebook.com www.facebook.com	497 B
2	windows.net hosteduxprod.blob.core.windows.net	13 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	pages08.net www.sc.pages08.net www.pages08.net	15 KB
2	facebook.net connect.facebook.net	113 KB
2	sc-static.net sc-static.net	14 KB
2	googletagmanager.com www.googletagmanager.com	130 KB
2	guestdesk.com media.guestdesk.com	2 KB
1	bing.com 1 redirects c.bing.com	744 B
1	googleadservices.com www.googleadservices.com	14 KB
1	customsearch.ai ui.customsearch.ai	4 KB
1	cloudflareinsights.com static.cloudflareinsights.com	5 KB
1	jquery.com code.jquery.com	33 KB
1	issuu.com e.issuu.com	37 KB
1	navistechnologies.info www.navistechnologies.info	7 KB
1	ascent360.org 1 redirects links.email1.ascent360.org	362 B
79	25

	Domain	Requested by
34	www.wintergreenresort.com	1 redirects www.wintergreenresort.com static.cloudflareinsights.com
5	tr.snapchat.com	1 redirects sc-static.net
4	pixel.mathtag.com	www.wintergreenresort.com pixel.mathtag.com
3	f.clarity.ms	www.clarity.ms f.clarity.ms
3	www.google.ca	www.wintergreenresort.com
3	www.google-analytics.com	www.googletagmanager.com www.wintergreenresort.com
2	pixel.tapad.com	2 redirects
2	www.google.com	www.wintergreenresort.com
2	www.facebook.com	www.wintergreenresort.com
2	c.clarity.ms	1 redirects www.wintergreenresort.com
2	hosteduxprod.blob.core.windows.net	ui.customsearch.ai hosteduxprod.blob.core.windows.net
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	secure.adnxs.com	1 redirects www.wintergreenresort.com
2	connect.facebook.net	www.wintergreenresort.com connect.facebook.net
2	sc-static.net	www.googletagmanager.com tr.snapchat.com
2	www.googletagmanager.com	www.wintergreenresort.com www.googletagmanager.com
2	media.guestdesk.com	www.wintergreenresort.com
1	www.pages08.net
1	c.bing.com	1 redirects
1	analytics.google.com	www.googletagmanager.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.sc.pages08.net	www.googletagmanager.com
1	www.clarity.ms	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	ui.customsearch.ai	www.wintergreenresort.com
1	static.cloudflareinsights.com	www.wintergreenresort.com
1	code.jquery.com	www.wintergreenresort.com
1	e.issuu.com	www.wintergreenresort.com
1	www.navistechnologies.info	www.wintergreenresort.com
1	links.email1.ascent360.org	1 redirects
79	30

This site contains links to these domains. Also see Links.

Domain
owc.enterprise.earthnetworks.com
members.wintergreenresort.com
www.wintergreenrealestate.com
secure.wintergreenresort.com
www.tripadvisor.com
apps.apple.com
play.google.com
www.wtgpoa.org
www.twnf.org
wintergreen-music.org
wintergreenadaptivesports.org
wtgsportingclub.org
www.facebook.com
www.twitter.com
www.pinterest.com
www.instagram.com
www.youtube.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-29` - `2022-06-28`	a year	crt.sh
ncdb.hil.us.thenavisway.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-07` - `2022-11-07`	a year	crt.sh
*.guestdesk.com Thawte RSA CA 2018	`2021-01-26` - `2022-01-30`	a year	crt.sh
*.issuu.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-14` - `2022-08-14`	a year	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2021-06-29` - `2022-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.customsearch.ai Microsoft RSA TLS CA 01	`2021-10-06` - `2022-10-06`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sc-static.net DigiCert TLS RSA SHA256 2020 CA1	`2021-02-11` - `2022-02-15`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2021-06-01` - `2022-06-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-04` - `2022-01-02`	3 months	crt.sh
*.engage8.silverpop.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-05-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.blob.core.windows.net Microsoft RSA TLS CA 01	`2021-11-04` - `2022-11-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.ca GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tr.snapchat.com DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-01-23`	a year	crt.sh

This page contains 4 frames:

Primary Page: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Frame ID: DF3B802D66B8925155B6B7F991CA2ED2
Requests: 74 HTTP requests in this frame

Frame: https://pixel.mathtag.com/sync/iframe?mt_uuid=e70c61c7-6a19-4e00-9498-310fdec75871&no_iframe=1&mt_adid=114781&source=mathtag
Frame ID: E1528D0136303FDDA5A77EB5EA49C9A8
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/i?pid=71cc2b07-77b6-4b49-9478-51a6654d08c4
Frame ID: 06598CBE4E55F3182EBCAF2964CEB27D
Requests: 2 HTTP requests in this frame

Frame: https://tr.snapchat.com/cm/p?rand=1640274902945&pnid=140&pcid=c008657b-de67-46b2-9b38-8a44a1fbd63b
Frame ID: 49FE995C40914775096766BBD671E9EF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Wintergreen Resort: Premier Blue Ridge Mountain Ski, Golf, Tennis, Spa and Family Vacation Resort in Virginia

Page URL History Show full URLs

http://links.email1.ascent360.org/els/v2/EZbAS6rN3wQx/TEJhTWZTZ25QUlIvRm44WXFVcjhxYThpaFBTQ3pIVmp4NG5PZ0l3WmUw... HTTP 302
https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNT... Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Glyphicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:<link[^>]* href=[^>]+glyphicons(?:\.min)?\.css|<img[^>]* src=[^>]+glyphicons)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

79
Requests

96 %
HTTPS

54 %
IPv6

25
Domains

30
Subdomains

25
IPs

3
Countries

3278 kB
Transfer

4367 kB
Size

44
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://owc.enterprise.earthnetworks.com/OnlineWeatherCenter.aspx?aid=7184

Search URL Search Domain Scan URL

URL: https://members.wintergreenresort.com/
Title: Membership

Search URL Search Domain Scan URL

URL: https://www.wintergreenrealestate.com/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://secure.wintergreenresort.com/SpaRequest/Default.aspx
Title: Spa Reservation Request

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/Hotel_Review-g58322-d116021-Reviews-Wintergreen_Resort-Wintergreen_Virginia.html

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/wintergreen-resort/id1489657849?ls=1
Title: Apple Download

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.resortstapped.WINTERGREEN
Title: Android Download

Search URL Search Domain Scan URL

URL: https://www.wtgpoa.org/hike
Title: Hike Wintergreen

Search URL Search Domain Scan URL

URL: https://www.twnf.org/
Title: The Nature Foundation at Wintergreen

Search URL Search Domain Scan URL

URL: https://wintergreen-music.org/
Title: Wintergreen Performing Arts

Search URL Search Domain Scan URL

URL: https://wintergreenadaptivesports.org/
Title: Wintergreen Adaptive Sports

Search URL Search Domain Scan URL

URL: https://wtgsportingclub.org/
Title: Wintergreen Sporting Club

Search URL Search Domain Scan URL

URL: https://www.wtgpoa.org/home
Title: Wintergreen Community

Search URL Search Domain Scan URL

URL: https://www.facebook.com/WintergreenResort

Search URL Search Domain Scan URL

URL: https://www.twitter.com/WintergreenVA

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/wtg664/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/wintergreenresortva/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/WintergreenResortVA

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://links.email1.ascent360.org/els/v2/EZbAS6rN3wQx/TEJhTWZTZ25QUlIvRm44WXFVcjhxYThpaFBTQ3pIVmp4NG5PZ0l3WmUwTGozSFRoUnhDallwelIzdUlTZUY4RDVhTTcycVo2YnRRMy9MZVpqV2xnSmdpSUMvZXcrVWJxcGRDRFN6RCt4ZU09S0/ HTTP 302
https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 18

https://www.wintergreenresort.com/this-week-at-wintergreen/js/bootstrap.min.js HTTP 302
https://www.wintergreenresort.com/

Request Chain 45

https://secure.adnxs.com/seg?add=2890493&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2890493%26t%3D2

Request Chain 55

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6AE5987667F14026A1E6D587DF0F0A1A&RedC=c.clarity.ms&MXFR=394190A6E5C16CF03C0481BEE1C162C7 HTTP 302
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6AE5987667F14026A1E6D587DF0F0A1A&MUID=34DB74333D996AD83A58652B3C4F6BB8

Request Chain 75

https://tr.snapchat.com/cm/s?pnid=140&cb=1640458779613 HTTP 302
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640274902945%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640274902945%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D HTTP 302
https://tr.snapchat.com/cm/p?rand=1640274902945&pnid=140&pcid=c008657b-de67-46b2-9b38-8a44a1fbd63b

79 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.wintergreenresort.com/this-week-at-wintergreen/
Redirect Chain

http://links.email1.ascent360.org/els/v2/EZbAS6rN3wQx/TEJhTWZTZ25QUlIvRm44WXFVcjhxYThpaFBTQ3pIVmp4NG5PZ0l3WmUwTGozSFRoUnhDallwelIzdUlTZUY4RDVhTTcycVo2YnRRMy9MZVpqV2xnSmdpSUMvZXcrVWJxcGRDRFN6RCt4ZU0...
https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2

30 KB
9 KB

598ms
559ms

Document
text/html

2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e048c3150c7b613e1f0ce0339aee5792f6fb5ad06100e3dc852c09be4c2ede6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
pragma: no-cache
expires: -1
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6c344eba6824714a-YUL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Sat, 25 Dec 2021 18:59:36 GMT
Content-Length: 0
Connection: keep-alive
location: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
content-language: en-CA
x-envoy-upstream-service-time: 1
server: istio-envoy

GET
H2 200 bootstrap.min.css
www.wintergreenresort.com/css/ 97 KB
17 KB 516ms
514ms Stylesheet
text/css 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/css/bootstrap.min.css

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

275662a54acdf50df65202f98c3987434b68145874bf8568b336c6e3d784edff

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 31 May 2018 03:04:55 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public
cf-ray: 6c344ebe0c87714a-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 custom.css
www.wintergreenresort.com/css/ 46 KB
8 KB 473ms
471ms Stylesheet
text/css 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/css/custom.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fd852c2d57ce17da10bca22467e3a6686f6b53c6a23d5b966fa0ea6a52d7594

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 07 Jun 2018 17:00:39 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public
cf-ray: 6c344ebe0c88714a-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 glyphicons.css
www.wintergreenresort.com/css/ 37 KB
7 KB 447ms
445ms Stylesheet
text/css 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/css/glyphicons.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c9b834d0adf85a6efb491a67e3bb4520e3fc7bb5e0602499c081721ca5d994c3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 28 Jun 2016 20:25:50 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
cache-control: public
cf-ray: 6c344ebe0c89714a-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 respond.js Show response
www.wintergreenresort.com/js/ 4 KB
2 KB 338ms
337ms Script
application/x-javascript 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/js/respond.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb602c15a149c572f857d5e7b163b6551e162539a11fe97d592e217bcd4e5846

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 05 Jan 2014 15:57:14 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 6c344ebe0c8d714a-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK js.aspx Show response
www.navistechnologies.info/JavascriptPhoneNumber/ 24 KB
7 KB 385ms
148ms Script
text/javascript 199.125.15.90
AS2-NAVIS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.navistechnologies.info/JavascriptPhoneNumber/js.aspx?account=14777&jspass=1we1cqtb5kuqpued6hln&dflt=8556991858
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.125.15.90 , United States, ASN46089 (AS2-NAVIS, US),
Reverse DNS: ncdb.hil.us.thenavisway.com
Software: Microsoft-IIS/7.5 / ASP.NET
Resource Hash: d5e3a80af0232502094805277b488abe345f42d5f110a079fe5b1f474262ea4b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 18:59:37 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/7.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: private
Connection: Keep-Alive
Content-Length: 6557

GET
H2 200 bundle.js Show response
media.guestdesk.com/sites/guestdesk/ 2 KB
1 KB 59ms
21ms Script
application/javascript 2606:4700:10::6816:227f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.guestdesk.com/sites/guestdesk/bundle.js
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:227f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13687452ac7dbb5bd1d8b317bfe48907bc753a7674c3c857f352d50cf6ea5408

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 1423
cf-polished: origSize=2339
x-amz-request-id: KQDYHB44DJTG0Z0M
x-amz-id-2: VWJqEOJr5074Tw05ZXro4xMJGvGu5SXgREgKH4nmI6NkmBW41paT1TWCoh4A+9eZNvYolzr1lDg=
last-modified: Mon, 09 Nov 2020 15:26:08 GMT
server: cloudflare
etag: W/"96c08145121359f47b7cb23fdf6a9482"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
x-amz-version-id: A5LfTsrWDNtN5dLUsi_0U_yFbze1N_h0
cf-ray: 6c344ebe4994715a-YUL
cf-bgj: minify

GET
H2 200 gd5-screen.css
media.guestdesk.com/sites/wintergreenresort_com/css/ 322 B
410 B 159ms
121ms Stylesheet
text/css 2606:4700:10::6816:227f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://media.guestdesk.com/sites/wintergreenresort_com/css/gd5-screen.css
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6816:227f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 080501e9b51e97cfeb997791067fc28a98deea2bf5595460630b8802ec548f09

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
x-amz-request-id: F9E06DSN5R4R8HA6
cf-polished: origSize=404
cf-ray: 6c344ebe4993715a-YUL
x-amz-id-2: E75GjYjU8TSbN99/cuKfeqHQCNo9dHw0Kd9JpznPQbrcAo+005FA8TxTxUWgG+CDA1q65+KpVCw=
last-modified: Wed, 28 Oct 2020 00:12:18 GMT
server: cloudflare
etag: W/"eb33d841d1a25af5fcbadcc8b00e7b97"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=14400
content-type: text/css
cf-bgj: minify

GET
H2 200 custom.js Show response
www.wintergreenresort.com/js/ 632 B
435 B 324ms
323ms Script
application/x-javascript 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/js/custom.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

868ff8865bcee678c822e61005a3be866a0c45cb04dd6e0ba44e68f17bd1db8b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Fri, 02 Nov 2018 16:05:47 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 6c344ebe0c90714a-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 embed.js Show response
e.issuu.com/ 119 KB
37 KB 57ms
11ms Script
application/javascript 2a04:4e42::622
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://e.issuu.com/embed.js
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::622 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6764ab90e94ef266d1fec4ab8c67b2c7e8e2d772c2f95e3a1b9daa56bc28d6f4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: gzip
age: 132
via: 1.1 varnish
x-cache: HIT
content-length: 37414
x-amz-id-2: 8zYHych+ZuYCa1Cq5NKgokYaAhb4hJF3p+IuU2HZJUedsYccKyntbHUVAXvRPH6oYnZ4Mhc0soY=
x-served-by: cache-yul12832-YUL
last-modified: Thu, 09 Dec 2021 14:31:31 GMT
server: AmazonS3
x-timer: S1640458778.858491,VS0,VE1
etag: "9da7e454cb6ae3957615f2ce236526fc"
vary: Accept-Encoding
x-amz-request-id: FGVRD172K48Z9Z55
access-control-allow-origin: *
cache-control: public, max-age=300
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 1

GET
H3 200 api.js Show response
www.wintergreenresort.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 30ms
26ms Script
text/javascript 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 6c344ec15ce7ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 WebResource.axd
www.wintergreenresort.com/ 4 KB
1 KB 311ms
311ms Stylesheet
text/css 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/WebResource.axd?d=JxofuWNmobp6K6ut4guVDwTn-vA0Tvo5SmRhjrAZYoVl4_HIJ5u_HPJ1eEx4S13whqETkHWWcHsPi6m3iu59oPvzCDCLmW2-lY6iziB4PhXuVqm2rNEz5EXz8FSaSLmCDa-8m74I7osqCyhRnpAGRg2&t=635376413413569668

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38b05ae26a8d65eb1827894ff229a72854332ec25328a93740240c28b76814d1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Fri, 06 Jun 2014 15:49:01 GMT
server: cloudflare
x-aspnet-version
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: public
cf-ray: 6c344ebe0c8e714a-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sun, 25 Dec 2022 18:59:43 GMT

GET
H3 200 checkerberry-white.png
www.wintergreenresort.com/img/ 53 KB
54 KB 477ms
473ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/checkerberry-white.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb250091d770c2b246b733c8b3a6e9965b7618b7efb17c99b55ab9b584be7dce

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 18 Nov 2014 18:38:53 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15ce9ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 54620

GET
H3 200 WintergreenResort-3c-logo.png
www.wintergreenresort.com/img/ 12 KB
12 KB 419ms
414ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/WintergreenResort-3c-logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c651ee6beee305fb8f623dd1f6499741149688374e7a938bfba4fbfa351174c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 21 Mar 2014 13:33:10 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15cebca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 11904

GET
H3 200 after-snowstorm.jpg
www.wintergreenresort.com/uploadedImages/Carousels/ 325 KB
326 KB 475ms
471ms Image
image/jpeg 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Carousels/after-snowstorm.jpg?n=2477

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c679b22a9bffd0e840e76828eea397d845b71b33628c110bfa506a928337d8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 20 Nov 2015 15:39:31 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15cecca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 333021

GET
H3 200 the-edge-sunset.jpg
www.wintergreenresort.com/uploadedImages/Carousels/ 287 KB
287 KB 547ms
542ms Image
image/jpeg 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Carousels/the-edge-sunset.jpg?n=1205

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb2a5d8631b36fa052e73eae9e53e3ca8a5e9ab2da15710d57dd7e4d50270110

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 04 Dec 2015 20:36:34 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15cefca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 293974

GET
H3 200 spa-massage-relaxation.jpg
www.wintergreenresort.com/uploadedImages/Carousels/ 169 KB
170 KB 496ms
492ms Image
image/jpeg 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Carousels/spa-massage-relaxation.jpg?n=6982

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e8b1a8ddcb51cc4ea7b79f3186dd51f2f338dac7d567119fd72117d007eaafc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 17 Jan 2018 20:15:13 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15cf4ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 173202

GET
H3 200 frosty-morning.jpg
www.wintergreenresort.com/uploadedImages/Carousels/ 279 KB
279 KB 486ms
482ms Image
image/jpeg 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Carousels/frosty-morning.jpg?n=6548

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

981ffdb03c551affefbb0e80412a557ad9b9491a5c7ef96b0656499f22aca63a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 17 Jan 2018 20:10:00 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15cf9ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 285322

GET
H2 200 jquery-latest.min.js Show response
code.jquery.com/ 94 KB
33 KB 83ms
21ms Script
application/javascript 2001:4de0:ac18::1:a:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-latest.min.js
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: gzip
last-modified: Fri, 24 Oct 2014 00:16:08 GMT
server: nginx
etag: "54499a48-1762a"
vary: Accept-Encoding
x-hw: 1640458777.dop019.ny3.t,1640458777.cds217.ny3.hn,1640458777.cds012.ny3.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33202

GET
H3

200

/ Show response
www.wintergreenresort.com/
Redirect Chain

https://www.wintergreenresort.com/this-week-at-wintergreen/js/bootstrap.min.js
https://www.wintergreenresort.com/

39 KB
12 KB

603ms
603ms

Script
text/html

2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/

Requested by

Protocol

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85420c3b31347202168a798980ad4f6bf9b61394a32d554e725d6753451c1b13

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
x-aspnet-version
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store
cf-ray: 6c344ec33eacca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: -1

Redirect headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: MISS
last-modified: Sat, 25 Dec 2021 18:59:43 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
location: https://www.wintergreenresort.com
cache-control: public
cf-ray: 6c344ec14cdcca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 trip-advisor-transparent.png
www.wintergreenresort.com/img/ 14 KB
15 KB 407ms
403ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/trip-advisor-transparent.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fccf54f2c78dafb7265a79cf33ca3bfef5b65e09e90c5a9c41aea1732155598e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 08 Nov 2017 22:19:44 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15cfdca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 14805

GET
H3 200 wintergreen-advantage-logo.png
www.wintergreenresort.com/img/ 21 KB
21 KB 396ms
392ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/wintergreen-advantage-logo.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

76588867b9ef488dc0be877e6ec98641b9fea6ece6dff4f8ecc106e621e2a2ac

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 08 Nov 2017 22:22:09 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d00ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 21544

GET
H3 200 twaw.jpg
www.wintergreenresort.com/uploadedImages/Activities/ 669 KB
670 KB 550ms
546ms Image
image/jpeg 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Activities/twaw.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0b1260935ab07df3ed5e70108ae513df6d8d680d0d1373b311ca47ec6a7d3e3e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 22 Dec 2021 20:11:45 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d01ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 685239

GET
H3 200 TWAW_back.jpg
www.wintergreenresort.com/uploadedImages/Activities/ 552 KB
553 KB 501ms
497ms Image
image/jpeg 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/uploadedImages/Activities/TWAW_back.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b01668936a4373c2a8c30018f5db16b296252410cbb10d93ade8fe5bbe279f2

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Wed, 22 Dec 2021 20:12:11 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d03ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 565656

GET
H3 200 fb.png
www.wintergreenresort.com/img/Social%20Icons/ 1 KB
1 KB 363ms
359ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/fb.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f285e457a1d45c6913440a6fe83e0330d09a3a675e3902029acfd9338a2c3c25

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 04 Apr 2014 16:00:27 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d05ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1187

GET
H3 200 twitter.png
www.wintergreenresort.com/img/Social%20Icons/ 2 KB
2 KB 432ms
427ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/twitter.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f9aa1b944601edaebf00c79485b0aeabffd2cd5d0d348ddfdfb0f0e2bd95613

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 04 Apr 2014 16:17:02 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d08ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1764

GET
H3 200 pinterest.fw.png
www.wintergreenresort.com/img/Social%20Icons/ 65 KB
65 KB 589ms
585ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/pinterest.fw.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7b700ece9f936cb6e30fb5df4a49382fb48ae570aba1541d60f5613129924046

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 04 Apr 2014 17:54:20 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d09ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 66282

GET
H3 200 instagram.png
www.wintergreenresort.com/img/Social%20Icons/ 1 KB
2 KB 342ms
338ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/instagram.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a9a6f6ed23f67f12215dffd789133f50ff9aaf7dba569e01ffbcbb66d6388b9

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 23 Jan 2015 16:05:27 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d0cca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1517

GET
H3 200 trip-advisor-green-icon.png
www.wintergreenresort.com/img/Social%20Icons/ 3 KB
3 KB 379ms
375ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/trip-advisor-green-icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dcc6bd834b68c084df2a98a804e1b0974f343b51344a36e126ca02a87c68545a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Tue, 03 May 2016 16:37:14 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d0dca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 2927

GET
H3 200 youtube.png
www.wintergreenresort.com/img/Social%20Icons/ 2 KB
2 KB 356ms
352ms Image
image/png 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.wintergreenresort.com/img/Social%20Icons/youtube.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c7af5aa28c8cecbf70de4d16db7ae2197d6c53953fd75a75e1f61ca3a5d9cf4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 04 Apr 2014 17:27:32 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d11ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 1768

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 75ms
47ms Script
text/javascript 2606:4700::6810:5e41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5e41 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.wintergreenresort.com/
Origin: https://www.wintergreenresort.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 6c344ec18cef713e-YUL

GET
H3 200 jquery-1.10.1.min.js Show response
www.wintergreenresort.com/js/ 91 KB
33 KB 516ms
515ms Script
application/x-javascript 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/js/jquery-1.10.1.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 19 Jun 2013 14:28:20 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 6c344ec15ce2ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H3 200 bootstrap.min.js Show response
www.wintergreenresort.com/js/ 27 KB
8 KB 410ms
408ms Script
application/x-javascript 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/js/bootstrap.min.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sun, 05 Jan 2014 15:35:40 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public
cf-ray: 6c344ec15ce3ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 1 KB
2 KB 111ms
43ms Script
text/javascript 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_id=660713&mt_adid=114781&v1=&v2=&v3=&s1=&s2=&s3=
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master ord-pixel-x52 config:1.0.0 /
Resource Hash: 85bed9e77434f3a8899177183bab0511541aa384a32c615879d784575bea05ba

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 18:59:37 GMT
Server: MT3 4133 baa842e master ord-pixel-x52 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 1411
Expires: Sat, 25 Dec 2021 18:59:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 200 KB
70 KB 91ms
43ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e580992f177165a8341a52e9b9bb40135e2ea30b41d79faa8bdab271771685a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 70679
x-xss-protection: 0
last-modified: Sat, 25 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 25 Dec 2021 18:59:37 GMT

GET
H3 200 Mark%20Simonson%20-%20Proxima%20Nova%20Regular.otf
www.wintergreenresort.com/fonts/ 92 KB
93 KB 557ms
556ms Font
application/octet-stream 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/fonts/Mark%20Simonson%20-%20Proxima%20Nova%20Regular.otf

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/css/custom.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wintergreenresort.com/css/custom.css
Origin: https://www.wintergreenresort.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Fri, 06 Jun 2014 16:52:40 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d12ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 94668

GET
H3 200 glyphicons-halflings-regular.woff
www.wintergreenresort.com/fonts/ 23 KB
23 KB 513ms
512ms Font
application/octet-stream 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/fonts/glyphicons-halflings-regular.woff

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/css/bootstrap.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wintergreenresort.com/css/bootstrap.min.css
Origin: https://www.wintergreenresort.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Sun, 05 Jan 2014 15:35:44 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d13ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 23292

GET
H3 200 glyphicons-regular.woff2
www.wintergreenresort.com/fonts/ 94 KB
94 KB 534ms
533ms Font
application/octet-stream 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/fonts/glyphicons-regular.woff2

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/css/glyphicons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wintergreenresort.com/css/glyphicons.css
Origin: https://www.wintergreenresort.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
cf-cache-status: EXPIRED
last-modified: Thu, 17 Dec 2015 06:37:42 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec15d15ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 96388

GET
H2 200 render Show response
ui.customsearch.ai/api/ux/ 9 KB
4 KB 197ms
47ms Script
application/javascript 52.173.149.65
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ui.customsearch.ai/api/ux/render?customConfig=2174796442&market=en-US&safeSearch=Moderate

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.173.149.65 Des Moines, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

8be7b952a06b1b0befc8755a2636af5a1e5ccadb7f913990d4153737ae52817c

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=16070400; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
date: Sat, 25 Dec 2021 18:59:38 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: no-cache
x-xss-protection: 1; mode=block
expires: -1

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 81ms
48ms Script
application/javascript 2607:f8b0:4006:822::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T4MS4Y5ZB1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c185f6b4014b5930765bfe673145e2018bc436e905237480d2da03397c341e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61831
x-xss-protection: 0
expires: Sat, 25 Dec 2021 18:59:38 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 113ms
56ms Script
text/javascript 142.250.64.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.64.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s31-in-f2.1e100.net

Software

cafe /

Resource Hash

7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14333
x-xss-protection: 0
server: cafe
etag: 8469929769973419123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 25 Dec 2021 18:59:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 72ms
18ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 1119
date: Sat, 25 Dec 2021 18:40:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sat, 25 Dec 2021 20:40:59 GMT

GET
H2 200 scevent.min.js Show response
sc-static.net/ 18 KB
7 KB 208ms
92ms Script
application/javascript 65.8.249.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.249.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-249-81.mia3.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
content-encoding: gzip
server: CloudFront
x-amz-cf-pop: MIA3-C5
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: private, s-maxage=0, max-age=600
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 23c0665e837e408849a5c6eada365d04.cloudfront.net (CloudFront)
x-amz-cf-id: 4bPquIN6CXblU1HVCKVKZahB3emdUGDnsv8Po4Ja-VEQWRosnBwgiw==

GET
H2 200 9e6bui1n6x Show response
www.clarity.ms/tag/ 939 B
1 KB 190ms
57ms Script
application/x-javascript 2620:1ec:49::70
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/9e6bui1n6x?ref=gtm
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:49::70 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 0c16ba84c31f7025ad738549e76acc74e50272b4baceb611e9d065e2706e6277

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:37 GMT
x-powered-by: ASP.NET
x-azure-ref: 0GmrHYQAAAAAW/u4wAcyuTbVdaEAhdChwQ0gxQUEyMDIwNjA0MDM1ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
content-length: 939
expires: -1

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 72ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: z74CTYQC16RU6UWKEvueEQpNVE1cD8dk5fvp3c4tBEgMt77NAzyVOO7r29JT8oUdX0p2tc+1Cqvk3s24Rc6SLA==
x-fb-trip-id: 1512268381
x-frame-options: DENY
date: Sat, 25 Dec 2021 18:59:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK iMAWebCookie.js Show response
www.sc.pages08.net/lp/static/js/ 14 KB
14 KB 56ms
15ms Script
application/javascript 3.96.5.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sc.pages08.net/lp/static/js/iMAWebCookie.js?1774c950-15d3edd3da0-6681ada67421f5d3ed5e65517ed2e77a&h=www.pages08.net

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-52S4GRW

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.96.5.142 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-96-5-142.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 18:59:38 GMT
Last-Modified: Wed, 08 Dec 2021 08:47:34 GMT
Server: Apache
ETag: "3772-5d29e8a8555c6"
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 14194

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=2890493&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2890493%26t%3D2

43 B
1023 B

79ms
79ms

Image
image/gif

68.67.178.10
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2890493%26t%3D2

Requested by

Protocol

HTTP/1.1

Server

68.67.178.10 Secaucus, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

634.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Dec 2021 18:59:38 GMT
X-Proxy-Origin: 37.120.205.166; 37.120.205.166; 634.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 0d9b81e3-6d56-4779-bf59-f2894de4a1de
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 25 Dec 2021 18:59:38 GMT
X-Proxy-Origin: 37.120.205.166; 37.120.205.166; 634.bm-nginx-loadbalancer.mgmt.nym2; adnxs.com
AN-X-Request-Uuid: 82c919b8-e62b-46c9-b936-378dd14bd3da
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D2890493%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 132ms
54ms XHR
text/plain 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-21428245-1&cid=1580657903.1640458778&jid=1219254815&gjid=1051568500&_gid=22799227.1640458778&_u=YGBAiEABBAAAAE~&z=853048713

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.wintergreenresort.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 25 Dec 2021 18:59:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.wintergreenresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 49ms
19ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1276054566&t=pageview&_s=1&dl=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&ul=en-us&de=UTF-8&dt=Wintergreen%20Resort%3A%20Premier%20Blue%20Ridge%20Mountain%20Ski%2C%20Golf%2C%20Tennis%2C%20Spa%20and%20Family%20Vacation%20Resort%20in%20Virginia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAiEABB~&jid=1219254815&gjid=1051568500&cid=1580657903.1640458778&tid=UA-21428245-1&_gid=22799227.1640458778&gtm=2wgc1052S4GRW&z=1071633028

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 17:43:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4552
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 283889445573402 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 45ms
21ms Script
application/x-javascript 2a03:2880:f012:8:face:b00c:0:1
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/283889445573402?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:8:face:b00c:0:1 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8e1b973f8c16be850171cc0fe663f196cce7931bb87385fab0000b070dcac5ee

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 88893
x-xss-protection: 0
pragma: public
x-fb-debug: zjmX/4uAlfuPpAsOasOU/n2FwjSC1Zui9PI0LTNgcO88Vp2GT7y4yxTLYcBWEe1Z2fAanmpCT0TggIeIYjPVGg==
x-frame-options: DENY
date: Sat, 25 Dec 2021 18:59:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK CssTheme.1.css
hosteduxprod.blob.core.windows.net/public-files/1.0.0/ 5 KB
5 KB 168ms
43ms Stylesheet
text/css 52.239.221.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://hosteduxprod.blob.core.windows.net/public-files/1.0.0/CssTheme.1.css
Requested by: Host: ui.customsearch.ai
URL: https://ui.customsearch.ai/api/ux/render?customConfig=2174796442&market=en-US&safeSearch=Moderate
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.221.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: c6d8d02668702e2a22e07bbdb6ad93211078e02271d15a24ed4474bfc90b467b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 Dec 2021 18:59:37 GMT
Last-Modified: Sun, 06 May 2018 09:23:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: x01wpZI7EZ5iFtIzfI6rHg==
ETag: 0x8D5B333039E1E27
Content-Type: text/css
x-ms-request-id: e963fc99-901e-0077-13c1-f9fe4b000000
x-ms-version: 2009-09-19
Content-Length: 5187

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/794829170/ 3 KB
2 KB 85ms
38ms Script
text/javascript 2607:f8b0:4006:820::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/794829170/?random=1640458778065&cv=9&fst=1640458778065&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&tiba=Wintergreen%20Resort%3A%20Premier%20Blue%20Ridge%20Mountain%20Ski%2C%20Golf%2C%20Tennis%2C%20Spa%20and%20Family%20Vacation%20Resort%20in%20Virginia&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2002 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d13c6be70ae8706ac749a976c36176e157e7974b1108aeaf640bd87000aedd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1181
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
analytics.google.com/g/ 0
354 B 85ms
32ms Ping
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-T4MS4Y5ZB1&gtm=2oec10&_p=1276054566&sr=1600x1200&_gaz=1&ul=en-us&cid=1580657903.1640458778&_s=1&dl=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&dt=Wintergreen%20Resort%3A%20Premier%20Blue%20Ridge%20Mountain%20Ski%2C%20Golf%2C%20Tennis%2C%20Spa%20and%20Family%20Vacation%20Resort%20in%20Virginia&sid=1640458777&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T4MS4Y5ZB1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wintergreenresort.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wintergreenresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
354 B 91ms
53ms Ping
text/plain 2607:f8b0:4023:1404::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-T4MS4Y5ZB1&cid=1580657903.1640458778&gtm=2oec10&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T4MS4Y5ZB1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4023:1404::9d Columbus, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wintergreenresort.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.wintergreenresort.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
501 B 98ms
36ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-T4MS4Y5ZB1&cid=1580657903.1640458778&gtm=2oec10&aip=1&z=414546902

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 clarity.js Show response
f.clarity.ms/s/0.6.31/ 52 KB
23 KB 115ms
36ms Script
application/javascript 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/s/0.6.31/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/9e6bui1n6x?ref=gtm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
content-encoding: br
etag: "1d7f3ace6a16300"
last-modified: Sat, 18 Dec 2021 01:16:36 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=6AE5987667F14026A1E6D587DF0F0A1A&RedC=c.clarity.ms&MXFR=394190A6E5C16CF03C0481BEE1C162C7
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6AE5987667F14026A1E6D587DF0F0A1A&MUID=34DB74333D996AD83A58652B3C4F6BB8

42 B
467 B

75ms
75ms

Image
image/gif

40.91.78.9
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6AE5987667F14026A1E6D587DF0F0A1A&MUID=34DB74333D996AD83A58652B3C4F6BB8
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Protocol: H2
Server: 40.91.78.9 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
last-modified: Fri, 05 Nov 2021 17:18:56 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "bf4ee43669d2d71:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2ED1E4AB74E64209B1F4ABBE3B51D01F Ref B: YMQ01EDGE0307 Ref C: 2021-12-25T18:59:38Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=6AE5987667F14026A1E6D587DF0F0A1A&MUID=34DB74333D996AD83A58652B3C4F6BB8
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 44 B
406 B 75ms
20ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=283889445573402&ev=PageView&dl=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&rl=&if=false&ts=1640458778163&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1640458778160.1936826429&it=1640458778054&coo=false&exp=p1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:38 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sat, 25 Dec 2021 18:59:38 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/794829170/ 42 B
154 B 88ms
40ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/794829170/?random=1640458778065&cv=9&fst=1640455200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&tiba=Wintergreen%20Resort%3A%20Premier%20Blue%20Ridge%20Mountain%20Ski%2C%20Golf%2C%20Tennis%2C%20Spa%20and%20Family%20Vacation%20Resort%20in%20Virginia&async=1&fmt=3&is_vtc=1&random=727008870&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.ca/pagead/1p-user-list/794829170/ 42 B
154 B 39ms
39ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/pagead/1p-user-list/794829170/?random=1640458778065&cv=9&fst=1640455200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&tiba=Wintergreen%20Resort%3A%20Premier%20Blue%20Ridge%20Mountain%20Ski%2C%20Golf%2C%20Tennis%2C%20Spa%20and%20Family%20Vacation%20Resort%20in%20Virginia&async=1&fmt=3&is_vtc=1&random=727008870&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 80ms
39ms Image
image/gif 2607:f8b0:4006:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21428245-1&cid=1580657903.1640458778&jid=1219254815&_u=YGBAiEABBAAAAE~&z=1056425829

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::2004 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.ca/ads/ 42 B
107 B 37ms
37ms Image
image/gif 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.ca/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-21428245-1&cid=1580657903.1640458778&jid=1219254815&_u=YGBAiEABBAAAAE~&z=1056425829

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 18:59:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
77 B 39ms
39ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.wintergreenresort.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.wintergreenresort.com
date: Sat, 25 Dec 2021 18:59:38 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1276054566&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&ul=en-us&de=UTF-8&dt=Wintergreen%20Resort%3A%20Premier%20Blue%20Ridge%20Mountain%20Ski%2C%20Golf%2C%20Tennis%2C%20Spa%20and%20Family%20Vacation%20Resort%20in%20Virginia&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Clarity&ea=11ysopg&_u=aHBAiEABBAAAAE~&jid=&gjid=&cid=1580657903.1640458778&tid=UA-21428245-1&_gid=22799227.1640458778&gtm=2wgc1052S4GRW&cd1=https%3A%2F%2Fclarity.microsoft.com%2Fga%2F9e6bui1n6x%2F2lcp0p%2F11ysopg&z=1341317870

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::200e , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 25 Dec 2021 17:43:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 4552
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 brandon_reg.woff
www.wintergreenresort.com/fonts/ 55 KB
55 KB 433ms
433ms Font
application/octet-stream 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/fonts/brandon_reg.woff

Requested by

Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/css/custom.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

17a681c2d0f286fc3da1ca61365d9201f177ad0b9d922cc4dd564cb8c733682c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.wintergreenresort.com/css/custom.css
Origin: https://www.wintergreenresort.com
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:39 GMT
cf-cache-status: EXPIRED
last-modified: Mon, 20 Mar 2017 15:08:19 GMT
server: cloudflare
x-aspnet-version
x-frame-options: SAMEORIGIN
x-powered-by
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: public
accept-ranges: bytes
cf-ray: 6c344ec88b91ca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 56424

GET
H/1.1 200
OK iframe Show response
pixel.mathtag.com/sync/ Frame E152 631 B
994 B 52ms
51ms Document
text/html 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e70c61c7-6a19-4e00-9498-310fdec75871&no_iframe=1&mt_adid=114781&source=mathtag
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_id=660713&mt_adid=114781&v1=&v2=&v3=&s1=&s2=&s3=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master ord-pixel-x11 config:1.0.0 /
Resource Hash: 304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/

Response headers

Content-Type: text/html
Content-Length: 631
Access-Control-Allow-Origin: *
Server: MT3 4133 baa842e master ord-pixel-x11 config:1.0.0
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Sat, 25 Dec 2021 18:59:38 GMT
Date: Sat, 25 Dec 2021 18:59:39 GMT
Connection: keep-alive

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
525 B 61ms
44ms Image
image/gif 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master ord-pixel-x33 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 18:59:39 GMT
Server: MT3 4133 baa842e master ord-pixel-x33 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 25 Dec 2021 18:59:38 GMT

POST
H3 204 result Show response
www.wintergreenresort.com/cdn-cgi/bm/cv/ 0
461 B 14ms
13ms XHR
text/plain 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.wintergreenresort.com/cdn-cgi/bm/cv/result?req_id=6c344eba6824714a
Requested by: Host: www.wintergreenresort.com
URL: https://www.wintergreenresort.com/cdn-cgi/bm/cv/669835187/api.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 25 Dec 2021 18:59:39 GMT
server: cloudflare
cf-ray: 6c344ec96c6cca57-YUL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ Frame E152 43 B
525 B 41ms
41ms Image
image/gif 184.29.128.222
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/sync/iframe?mt_uuid=e70c61c7-6a19-4e00-9498-310fdec75871&no_iframe=1&mt_adid=114781&source=mathtag
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.29.128.222 Edison, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-29-128-222.deploy.static.akamaitechnologies.com
Software: MT3 4133 baa842e master ord-pixel-x16 config:1.0.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://pixel.mathtag.com/sync/iframe?mt_uuid=e70c61c7-6a19-4e00-9498-310fdec75871&no_iframe=1&mt_adid=114781&source=mathtag
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Sat, 25 Dec 2021 18:59:39 GMT
Server: MT3 4133 baa842e master ord-pixel-x16 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 25 Dec 2021 18:59:38 GMT

GET
H/1.1 200
OK event.jpeg
www.pages08.net/WTS/ 0
473 B 71ms
19ms Image
image/jpeg 3.96.5.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.pages08.net/WTS/event.jpeg?accesskey=1774c950-15d3edd3da0-6681ada67421f5d3ed5e65517ed2e77a&v=1.31&isNewSession=1&type=pageview&isNewVisitor=1&sessionGUID=8bb8aadb-4a0e-449c-1427-bc6a99e68ed1&webSyncID=318dcab3-02d5-4dda-aab4-2a584529aced&url=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&newSiteVisit=1&hostname=www.wintergreenresort.com&pathname=%2Fthis-week-at-wintergreen%2F&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2&newPageVisit=1&eventKey=846da43d-6187-b75c-2e07-51e73d9de2b7

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

3.96.5.142 Montreal, Canada, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-96-5-142.ca-central-1.compute.amazonaws.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=16070400; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 25 Dec 2021 18:59:39 GMT
Server: Apache
Strict-Transport-Security: max-age=16070400; includeSubDomains; preload
p3p: CP="CAO PSA OUR"
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
Connection: close
Content-Type: image/jpeg
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK BingIcons.png
hosteduxprod.blob.core.windows.net/public-files/1.0.0/ 7 KB
7 KB 36ms
36ms Image
application/octet-stream 52.239.221.68
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hosteduxprod.blob.core.windows.net/public-files/1.0.0/BingIcons.png
Requested by: Host: hosteduxprod.blob.core.windows.net
URL: https://hosteduxprod.blob.core.windows.net/public-files/1.0.0/CssTheme.1.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.221.68 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: e965fad5de1dd29f4231b53f586bedefebe9b69b7eaed9db3bb45de2b84e5770

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://hosteduxprod.blob.core.windows.net/public-files/1.0.0/CssTheme.1.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Date: Sat, 25 Dec 2021 18:59:38 GMT
Last-Modified: Sun, 06 May 2018 09:23:22 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5: lMWjtve72nx3zvhxEafaLg==
ETag: 0x8D5B333039E1E27
Content-Type: application/octet-stream
x-ms-request-id: e963ffa8-901e-0077-79c1-f9fe4b000000
x-ms-version: 2009-09-19
Content-Length: 7223

GET
H2 200 is_enabled Show response
tr.snapchat.com/collector/ 46 B
313 B 67ms
40ms Fetch
application/json 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/collector/is_enabled?pids=71cc2b07-77b6-4b49-9478-51a6654d08c4

Requested by

Host: sc-static.net
URL: https://sc-static.net/scevent.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e768f67999ec51b211934e6291666f58eb05fe0094122becb23ef5fb7e756671

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:39 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46

GET
H2 200 i Show response
tr.snapchat.com/cm/ Frame 0659 672 B
887 B 93ms
71ms Document
text/html 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/i?pid=71cc2b07-77b6-4b49-9478-51a6654d08c4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/

Response headers

server: nginx/1.17.3
date: Sat, 25 Dec 2021 18:59:39 GMT
content-type: text/html
content-length: 672
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 rum Show response
www.wintergreenresort.com/cdn-cgi/ 0
173 B 16ms
14ms XHR
text/plain 2606:4700:10::6814:c16c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.wintergreenresort.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6814:c16c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.wintergreenresort.com/this-week-at-wintergreen/?NCK=8664708608&spMailingID=7760016&spUserID=OTcyNTIxNzQ2NTMS1&spJobID=1400568437&spReportId=MTQwMDU2ODQzNwS2
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
content-type: application/json

Response headers

date: Sat, 25 Dec 2021 18:59:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.wintergreenresort.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 6c344ecb8e8bca57-YUL
vary: Origin

GET
H2 200 p
tr.snapchat.com/ 68 B
493 B 63ms
48ms Image
image/png 35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tr.snapchat.com/p?pid=71cc2b07-77b6-4b49-9478-51a6654d08c4&ev=PAGE_VIEW&pl=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&ts=1640458779444&rf=&v=1.5&if=false&bt=__LIVE__&intg=gtm&u_c1=b3f9b46c-8d19-47f7-90b9-475b84f81772&m_sl=1554&m_rd=2825&m_pi=2377&m_pl=2813&m_ic=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:39 GMT
via: 1.1 google
server: nginx/1.17.3
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache, no-transform
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68

GET
H2 200 scevent.min.js Show response
sc-static.net/ Frame 0659 18 KB
7 KB 64ms
63ms Script
application/javascript 65.8.249.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sc-static.net/scevent.min.js
Requested by: Host: tr.snapchat.com
URL: https://tr.snapchat.com/cm/i?pid=71cc2b07-77b6-4b49-9478-51a6654d08c4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.8.249.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-8-249-81.mia3.r.cloudfront.net
Software: CloudFront /
Resource Hash: 86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 24 Dec 2021 22:35:35 GMT
content-encoding: gzip
server: CloudFront
age: 73444
etag: 0d6e407936704bd380072f5891d28b0e
x-cache: Hit from cloudfront
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=86400, max-age=600
x-amz-cf-pop: MIA3-C5
access-control-allow-headers: Content-Type
content-length: 6867
via: 1.1 23c0665e837e408849a5c6eada365d04.cloudfront.net (CloudFront)
x-amz-cf-id: ypwtRgvxlSNlak7o1gYvWWq-Yhfe-Lew1N700BkHDlHFvKGLzkLh0g==

GET
H3

200

p Show response
tr.snapchat.com/cm/ Frame 49FE
Redirect Chain

https://tr.snapchat.com/cm/s?pnid=140&cb=1640458779613
https://pixel.tapad.com/idsync/ex/push?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640274902945%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://pixel.tapad.com/idsync/ex/push/check?partner_id=2884&partner_url=https%3A%2F%2Ftr.snapchat.com%2Fcm%2Fp%3Frand%3D1640274902945%26pnid%3D140%26pcid%3D%24%7BTA_DEVICE_ID%7D
https://tr.snapchat.com/cm/p?rand=1640274902945&pnid=140&pcid=c008657b-de67-46b2-9b38-8a44a1fbd63b

0
15 B

55ms
55ms

Document
text/html

35.186.226.184
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tr.snapchat.com/cm/p?rand=1640274902945&pnid=140&pcid=c008657b-de67-46b2-9b38-8a44a1fbd63b

Protocol

Security

QUIC, , AES_128_GCM

Server

35.186.226.184 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

184.226.186.35.bc.googleusercontent.com

Software

nginx/1.17.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-CA,en;q=0.9
Referer: https://tr.snapchat.com/

Response headers

server: nginx/1.17.3
date: Sat, 25 Dec 2021 18:59:39 GMT
content-type: text/html
content-length: 0
access-control-allow-origin: *
cache-control: no-cache, no-transform
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

date: Sat, 25 Dec 2021 18:59:39 GMT
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://tr.snapchat.com/cm/p?rand=1640274902945&pnid=140&pcid=c008657b-de67-46b2-9b38-8a44a1fbd63b
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 43ms
20ms Image
image/gif 2a03:2880:f112:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=283889445573402&ev=Microdata&dl=https%3A%2F%2Fwww.wintergreenresort.com%2Fthis-week-at-wintergreen%2F%3FNCK%3D8664708608%26spMailingID%3D7760016%26spUserID%3DOTcyNTIxNzQ2NTMS1%26spJobID%3D1400568437%26spReportId%3DMTQwMDU2ODQzNwS2&rl=&if=false&ts=1640458779667&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtWintergreen%20Resort%3A%20Premier%20Blue%20Ridge%20Mountain%20Ski%2C%20Golf%2C%20Tennis%2C%20Spa%20and%20Family%20Vacation%20Resort%20in%20Virginia%5Cn%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1640458778160.1936826429&it=1640458778054&coo=false&es=automatic&tm=3&exp=p1&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f112:83:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: en-CA,en;q=0.9
Referer: https://www.wintergreenresort.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 18:59:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sat, 25 Dec 2021 18:59:39 GMT

POST
H2 204 collect Show response
f.clarity.ms/ 0
48 B 36ms
35ms XHR
text/plain 20.84.22.197
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://f.clarity.ms/collect
Requested by: Host: f.clarity.ms
URL: https://f.clarity.ms/s/0.6.31/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.84.22.197 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.wintergreenresort.com/
Accept-Language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

access-control-allow-origin: https://www.wintergreenresort.com
date: Sat, 25 Dec 2021 18:59:39 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8

Verdicts & Comments Add Verdict or Comment

136 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

44 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
sc-static.net/scevent.min.js	1970-01-19 23:42:25	Name: X-AB Value: 0d6e407936704bd380072f5891d28b0e
www.wintergreenresort.com/	1970-01-20 08:26:34	Name: EktGUID Value: 65d4eb05-92b6-4c53-b590-4d478898040e
www.wintergreenresort.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: ilbdnlhcaeiuxbpjdxbr5xp5
www.wintergreenresort.com/	1969-12-31 23:59:59	Name: ecm Value: user_id=0&isMembershipUser=0&site_id=&username=&new_site=/&unique_id=0&site_preview=0&langvalue=0&DefaultLanguage=1033&NavLanguage=1033&LastValidLanguageID=1033&DefaultCurrency=840&SiteCurrency=840&ContType=&UserCulture=1033&dm=www.wintergreenresort.com&SiteLanguage=1033
.wintergreenresort.com/	1970-01-20 01:50:34	Name: 14777NavisNCKeyword Value: 8664708608
.wintergreenresort.com/	1970-01-20 01:50:34	Name: NavisNCKeyword Value:
.mathtag.com/	1970-01-20 09:06:53	Name: uuid Value: e70c61c7-6a19-4e00-9498-310fdec75871
.wintergreenresort.com/	1970-01-20 01:50:34	Name: _gcl_au Value: 1.1.1841055252.1640458778
www.sc.pages08.net/	1969-12-31 23:59:59	Name: Silverpop_cookie Value: 2123358986.17439.0000
.adnxs.com/	1970-01-20 01:50:34	Name: uuid2 Value: 3194067903763821015
.wintergreenresort.com/	1970-01-19 23:42:25	Name: _gid Value: GA1.2.22799227.1640458778
.wintergreenresort.com/	1970-01-19 23:40:58	Name: _dc_gtm_UA-21428245-1 Value: 1
.wintergreenresort.com/	1970-01-20 17:12:10	Name: _ga_T4MS4Y5ZB1 Value: GS1.1.1640458777.1.0.1640458777.60
.wintergreenresort.com/	1970-01-20 17:12:10	Name: _ga Value: GA1.1.1580657903.1640458778
.adnxs.com/	1970-01-20 01:50:34	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2GTweY8eO!]tbP6j2F-XstGt!@DD2$ZL+[
www.clarity.ms/	1970-01-20 08:26:34	Name: CLID Value: b068f02e74414a5392bf9cd62527796c.20211225.20221225
.doubleclick.net/	1970-01-19 23:40:59	Name: test_cookie Value: CheckForPermission
.wintergreenresort.com/	1970-01-20 01:50:34	Name: _fbp Value: fb.1.1640458778160.1936826429
.facebook.com/	1970-01-20 01:50:34	Name: fr Value: 0lIHbPqupyIJNVDBe..Bhx2oa...1.0.Bhx2oa.
.wintergreenresort.com/	1970-01-20 08:26:34	Name: _clck Value: 2lcp0p\|1\|exk\|0
.wintergreenresort.com/	1970-01-19 23:42:25	Name: _clsk Value: 11ysopg\|1640458778439\|1\|1\|f.clarity.ms/collect
.bing.com/	1970-01-20 09:02:34	Name: MUID Value: 34DB74333D996AD83A58652B3C4F6BB8
.c.bing.com/	1970-01-19 23:51:03	Name: MR Value: 0
.c.bing.com/	1970-01-20 09:02:34	Name: SRM_B Value: 34DB74333D996AD83A58652B3C4F6BB8
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 09:02:34	Name: MUID Value: 34DB74333D996AD83A58652B3C4F6BB8
.c.clarity.ms/	1970-01-19 23:51:03	Name: MR Value: 0
.c.clarity.ms/	1970-01-19 23:40:59	Name: ANONCHK Value: 0
.mathtag.com/	1970-01-20 00:24:10	Name: mt_misc Value: mt_bt:1
.wintergreenresort.com/	1970-01-19 23:41:00	Name: __cf_bm Value: KKrj1u3O2p4S.fNxg8KhPvqB7vOgNWpj6Dk185rxBZU-1640458779-0-AduLcef6BUS0eqajmLv6ay3/+9ACi/G9IXvBxNpDNSxxUHQj1HiLW8rxfZ800jljtAWo5VvIW4/YrHiglfTFEkDn+VMwYVhsTLVTGgOTbIetiZ+c7P2H8PV6X3g6UontOQ==
.wintergreenresort.com/	1970-01-20 23:40:58	Name: com.silverpop.iMAWebCookie Value: 318dcab3-02d5-4dda-aab4-2a584529aced
.wintergreenresort.com/	1970-01-19 23:40:59	Name: com.silverpop.iMA.session Value: 8bb8aadb-4a0e-449c-1427-bc6a99e68ed1
.wintergreenresort.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.mid Value: 7760016
.wintergreenresort.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.uid Value: OTcyNTIxNzQ2NTMS1
.wintergreenresort.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.jid Value: 1400568437
.wintergreenresort.com/	1969-12-31 23:59:59	Name: com.silverpop.iMA.rid Value: MTQwMDU2ODQzNwS2
.wintergreenresort.com/	1970-01-19 23:40:59	Name: com.silverpop.iMA.page_visit Value: -896448878:
.wintergreenresort.com/	1970-01-20 09:10:45	Name: _scid Value: b3f9b46c-8d19-47f7-90b9-475b84f81772
www.pages08.net/	1969-12-31 23:59:59	Name: Silverpop_cookie Value: 797958922.4525.0000
.snapchat.com/	1970-01-20 09:02:34	Name: sc_at Value: v2\|H4sIAAAAAAAAAE3GwQ3AMAgDwImQiGrA7jZFJVNk+H57r0NtyrOtfdqwI0xv0Coxo+eixLPg90o4glU6v/oH1kN24kAAAAA=
.tapad.com/	1970-01-20 01:07:22	Name: TapAd_TS Value: 1640458779741
.tapad.com/	1970-01-20 01:07:22	Name: TapAd_DID Value: c008657b-de67-46b2-9b38-8a44a1fbd63b
.tapad.com/	1970-01-20 01:07:22	Name: TapAd_3WAY_SYNCS Value:
.wintergreenresort.com/	1970-01-20 09:10:45	Name: _sctr Value: 1\|1640390400000

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.google.com
c.bing.com
c.clarity.ms
code.jquery.com
connect.facebook.net
e.issuu.com
f.clarity.ms
googleads.g.doubleclick.net
hosteduxprod.blob.core.windows.net
links.email1.ascent360.org
media.guestdesk.com
pixel.mathtag.com
pixel.tapad.com
sc-static.net
secure.adnxs.com
static.cloudflareinsights.com
stats.g.doubleclick.net
tr.snapchat.com
ui.customsearch.ai
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.navistechnologies.info
www.pages08.net
www.sc.pages08.net
www.wintergreenresort.com
107.178.246.49
142.250.64.98
184.29.128.222
199.125.15.90
20.84.22.197
2001:4de0:ac18::1:a:1a
2606:4700:10::6814:c16c
2606:4700:10::6816:227f
2606:4700::6810:5e41
2607:f8b0:4006:807::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:820::2002
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2008
2607:f8b0:4023:1404::9d
2620:1ec:49::70
2620:1ec:c11::200
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42::622
3.96.5.142
35.186.226.184
40.91.78.9
52.173.149.65
52.239.221.68
52.60.182.80
65.8.249.81
68.67.178.10
080501e9b51e97cfeb997791067fc28a98deea2bf5595460630b8802ec548f09
0b1260935ab07df3ed5e70108ae513df6d8d680d0d1373b311ca47ec6a7d3e3e
0c16ba84c31f7025ad738549e76acc74e50272b4baceb611e9d065e2706e6277
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
0f9aa1b944601edaebf00c79485b0aeabffd2cd5d0d348ddfdfb0f0e2bd95613
0fd852c2d57ce17da10bca22467e3a6686f6b53c6a23d5b966fa0ea6a52d7594
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
13687452ac7dbb5bd1d8b317bfe48907bc753a7674c3c857f352d50cf6ea5408
17a681c2d0f286fc3da1ca61365d9201f177ad0b9d922cc4dd564cb8c733682c
1a9a6f6ed23f67f12215dffd789133f50ff9aaf7dba569e01ffbcbb66d6388b9
1c185f6b4014b5930765bfe673145e2018bc436e905237480d2da03397c341e1
1e8b1a8ddcb51cc4ea7b79f3186dd51f2f338dac7d567119fd72117d007eaafc
275662a54acdf50df65202f98c3987434b68145874bf8568b336c6e3d784edff
27a1e80167055f562f0ddda38620ec1f5a354c5ab795c75da16874f4095520f3
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2b01668936a4373c2a8c30018f5db16b296252410cbb10d93ade8fe5bbe279f2
304a0259406001319e10acd097537e33bbc0157670417a48fdd527a889951f65
36b59421bdc34fd9869a7541c47d5f157ff19eb183032efff759c4d5be5d9cae
38b05ae26a8d65eb1827894ff229a72854332ec25328a93740240c28b76814d1
4837f7e1f1565ff667528cd75c41f401e07e229de1bd1b232f0a7a40d4c46f79
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e048c3150c7b613e1f0ce0339aee5792f6fb5ad06100e3dc852c09be4c2ede6
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5c7af5aa28c8cecbf70de4d16db7ae2197d6c53953fd75a75e1f61ca3a5d9cf4
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067
6501140033c3bb20da4b5ac73c90f687ba8a2053c4ba37c4b6f5275166db7fa6
6764ab90e94ef266d1fec4ab8c67b2c7e8e2d772c2f95e3a1b9daa56bc28d6f4
6c651ee6beee305fb8f623dd1f6499741149688374e7a938bfba4fbfa351174c
7317a02358b2b617ba0934b570c313ee76f29176c4821a9a5fd1656413e5f41b
76588867b9ef488dc0be877e6ec98641b9fea6ece6dff4f8ecc106e621e2a2ac
7b700ece9f936cb6e30fb5df4a49382fb48ae570aba1541d60f5613129924046
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85420c3b31347202168a798980ad4f6bf9b61394a32d554e725d6753451c1b13
85bed9e77434f3a8899177183bab0511541aa384a32c615879d784575bea05ba
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
868ff8865bcee678c822e61005a3be866a0c45cb04dd6e0ba44e68f17bd1db8b
86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4
86d13c6be70ae8706ac749a976c36176e157e7974b1108aeaf640bd87000aedd
8be7b952a06b1b0befc8755a2636af5a1e5ccadb7f913990d4153737ae52817c
8e1b973f8c16be850171cc0fe663f196cce7931bb87385fab0000b070dcac5ee
981ffdb03c551affefbb0e80412a557ad9b9491a5c7ef96b0656499f22aca63a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9c679b22a9bffd0e840e76828eea397d845b71b33628c110bfa506a928337d8e
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2d2f11eb78159e31bce4355ffd5e696717de4270a77ba1d2038e066462008ad
bb2a5d8631b36fa052e73eae9e53e3ca8a5e9ab2da15710d57dd7e4d50270110
bb602c15a149c572f857d5e7b163b6551e162539a11fe97d592e217bcd4e5846
c6d8d02668702e2a22e07bbdb6ad93211078e02271d15a24ed4474bfc90b467b
c9b834d0adf85a6efb491a67e3bb4520e3fc7bb5e0602499c081721ca5d994c3
cb250091d770c2b246b733c8b3a6e9965b7618b7efb17c99b55ab9b584be7dce
d5e3a80af0232502094805277b488abe345f42d5f110a079fe5b1f474262ea4b
dcc6bd834b68c084df2a98a804e1b0974f343b51344a36e126ca02a87c68545a
dd16b17e257a3a57a00efd5f2d1dc5ac0de934728ec3d44981eab67aa95bc591
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e580992f177165a8341a52e9b9bb40135e2ea30b41d79faa8bdab271771685a9
e768f67999ec51b211934e6291666f58eb05fe0094122becb23ef5fb7e756671
e965fad5de1dd29f4231b53f586bedefebe9b69b7eaed9db3bb45de2b84e5770
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f285e457a1d45c6913440a6fe83e0330d09a3a675e3902029acfd9338a2c3c25
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada
fccf54f2c78dafb7265a79cf33ca3bfef5b65e09e90c5a9c41aea1732155598e
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

www.wintergreenresort.com Open in urlscan Pro 2606:4700:10::6814:c16c Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

79 Requests

96 %HTTPS

54 %IPv6

25 Domains

30 Subdomains

25 IPs

3 Countries

3278 kBTransfer

4367 kBSize

44 Cookies

18 Outgoing links

Page URL History

Redirected requests

79 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.wintergreenresort.com Open in urlscan Pro
2606:4700:10::6814:c16c Public Scan

Screenshot
Live screenshot

Full Image

79
Requests

96 %
HTTPS

54 %
IPv6

25
Domains

30
Subdomains

25
IPs

3
Countries

3278 kB
Transfer

4367 kB
Size

44
Cookies

79 HTTP transactions
0 data transactions