gratonresortcasino.com Open in urlscan Pro
13.33.25.41 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://gratonresortcasino.com/
Effective URL:
https://gratonresortcasino.com/
Submission: On April 15 via manual (April 15th 2021, 4:50:28 pm UTC) from US

Summary HTTP 119 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 37 IPs in 6 countries across 36 domains to perform 119 HTTP transactions. The main IP is 13.33.25.41, located in United States and belongs to AMAZON-02, US. The main domain is gratonresortcasino.com.
TLS certificate: Issued by HydrantID SSL ICA G2 on June 26th 2019. Valid for: 2 years.

This is the only time gratonresortcasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 34	13.33.25.41 13.33.25.41	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
17	2600:9000:20e... 2600:9000:20eb:9400:12:6850:a180:93a1	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
6 10	142.250.74.198 142.250.74.198	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:21f... 2600:9000:21f3:e600:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
5	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2 7	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
7 7	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
2 3	37.252.172.37 37.252.172.37	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	99.80.111.254 99.80.111.254	16509 (AMAZON-02) (AMAZON-02)
1 1	23.45.110.176 23.45.110.176	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	34.246.39.225 34.246.39.225	16509 (AMAZON-02) (AMAZON-02)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4232:16e5:e760:b671:d648	14618 (AMAZON-AES) (AMAZON-AES)
1	52.56.207.211 52.56.207.211	16509 (AMAZON-02) (AMAZON-02)
1	34.246.207.243 34.246.207.243	16509 (AMAZON-02) (AMAZON-02)
1 2	35.158.9.168 35.158.9.168	16509 (AMAZON-02) (AMAZON-02)
1	18.184.216.10 18.184.216.10	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	80.252.91.52 80.252.91.52	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
1 1	99.84.156.85 99.84.156.85	16509 (AMAZON-02) (AMAZON-02)
1	34.192.69.218 34.192.69.218	14618 (AMAZON-AES) (AMAZON-AES)
2 2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
1 2	18.157.138.23 18.157.138.23	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20e8:4400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	185.33.221.53 185.33.221.53	29990 (ASN-APPNEX) (ASN-APPNEX)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
119	37

34 13.33.25.41 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-33-25-41.phx50.r.cloudfront.net

gratonresortcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2600:9000:20eb:9400:12:6850:a180:93a1 (United States)

ASN16509 (AMAZON-02, US)

d37qwjs3c1carq.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.74.198 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f6.1e100.net

8902294.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8923196.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:e600:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.0.160.129 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20822499p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.130 (United States) 7 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.37 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.111.254 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-111-254.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.110.176 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-110-176.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.246.39.225 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-39-225.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:16e5:e760:b671:d648 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.56.207.211 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-56-207-211.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.207.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-207-243.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.158.9.168 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-9-168.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.184.216.10 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.252.91.52 (Amsterdam, Netherlands) 1 redirects

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.156.85 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-84-156-85.txl52.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.192.69.218 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.138.23 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)

tags.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20e8:4400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	gratonresortcasino.com 1 redirects gratonresortcasino.com	740 KB
19	doubleclick.net 13 redirects 8902294.fls.doubleclick.net 8923196.fls.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net	7 KB
17	cloudfront.net d37qwjs3c1carq.cloudfront.net	2 MB
13	google.com 2 redirects www.google.com adservice.google.com fcmatch.google.com	25 KB
7	rfihub.com 2 redirects 20822499p.rfihub.com a.rfihub.com p.rfihub.com	10 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	318 KB
6	google-analytics.com www.google-analytics.com	19 KB
5	adnxs.com 2 redirects ib.adnxs.com secure.adnxs.com	5 KB
5	sojern.com beacon.sojern.com pixel.sojern.com	2 KB
4	google.de 2 redirects www.google.de adservice.google.de	763 B
3	rlcdn.com 1 redirects idsync.rlcdn.com	1007 B
2	w55c.net 1 redirects tags.w55c.net	1 KB
2	quantserve.com secure.quantserve.com pixel.quantserve.com	9 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	607 B
2	bidswitch.net 1 redirects x.bidswitch.net	857 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	adsrvr.org 2 redirects match.adsrvr.org	1013 B
2	youtube.com fcmatch.youtube.com	718 B
2	googletagmanager.com www.googletagmanager.com	73 KB
1	googleadservices.com www.googleadservices.com	14 KB
1	quantcount.com rules.quantcount.com	1 KB
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	788 B
1	serving-sys.com 1 redirects bs.serving-sys.com	835 B
1	media.net contextual.media.net	696 B
1	eyeota.net ps.eyeota.net	344 B
1	krxd.net beacon.krxd.net	338 B
1	agkn.com aa.agkn.com	238 B
1	tremorhub.com partners.tremorhub.com	183 B
1	addthis.com x.dlx.addthis.com	191 B
1	yahoo.com ads.yahoo.com	444 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bluekai.com 1 redirects stags.bluekai.com	813 B
1	rfihub.net c1.rfihub.net	6 KB
119	36

	Domain	Requested by
34	gratonresortcasino.com	1 redirects gratonresortcasino.com
17	d37qwjs3c1carq.cloudfront.net	gratonresortcasino.com
7	cm.g.doubleclick.net	7 redirects
7	www.google.com	gratonresortcasino.com www.gstatic.com www.google.com 8923196.fls.doubleclick.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com gratonresortcasino.com
5	p.rfihub.com	2 redirects gratonresortcasino.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	adservice.google.com	gratonresortcasino.com 8923196.fls.doubleclick.net 8902294.fls.doubleclick.net
4	ad.doubleclick.net	4 redirects
3	idsync.rlcdn.com	1 redirects gratonresortcasino.com
3	ib.adnxs.com	2 redirects gratonresortcasino.com
3	pixel.sojern.com	gratonresortcasino.com
3	8923196.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
3	8902294.fls.doubleclick.net	1 redirects www.googletagmanager.com adservice.google.com
2	fonts.gstatic.com	www.google.com
2	secure.adnxs.com	8902294.fls.doubleclick.net
2	tags.w55c.net	1 redirects 8902294.fls.doubleclick.net
2	adservice.google.de	2 redirects
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects gratonresortcasino.com
2	sync.search.spotxchange.com	1 redirects gratonresortcasino.com
2	dsum-sec.casalemedia.com	1 redirects gratonresortcasino.com
2	dpm.demdex.net	1 redirects gratonresortcasino.com
2	match.adsrvr.org	2 redirects
2	fcmatch.youtube.com	gratonresortcasino.com 8902294.fls.doubleclick.net
2	fcmatch.google.com	2 redirects
2	www.google.de	gratonresortcasino.com 8923196.fls.doubleclick.net
2	beacon.sojern.com	gratonresortcasino.com 8902294.fls.doubleclick.net
2	www.googletagmanager.com	gratonresortcasino.com 8923196.fls.doubleclick.net
1	pixel.quantserve.com	8923196.fls.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	www.googleadservices.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	8923196.fls.doubleclick.net
1	bpi.rtactivate.com	gratonresortcasino.com
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	contextual.media.net	gratonresortcasino.com
1	ps.eyeota.net	gratonresortcasino.com
1	beacon.krxd.net	gratonresortcasino.com
1	aa.agkn.com	gratonresortcasino.com
1	partners.tremorhub.com	gratonresortcasino.com
1	x.dlx.addthis.com	gratonresortcasino.com
1	ads.yahoo.com	gratonresortcasino.com
1	pixel.rubiconproject.com	gratonresortcasino.com
1	stags.bluekai.com	1 redirects
1	a.rfihub.com	gratonresortcasino.com
1	20822499p.rfihub.com	c1.rfihub.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	c1.rfihub.net	gratonresortcasino.com
119	50

This site contains links to these domains. Also see Links.

Domain
rooms.gratonresortcasino.com
www.google.com
www.facebook.com
www.instagram.com
twitter.com
www.chargerback.com

Subject Issuer	Validity	Valid
*.gratonresortcasino.com HydrantID SSL ICA G2	`2019-06-26` - `2021-06-26`	2 years	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.rfihub.net Sectigo RSA Domain Validation Secure Server CA	`2021-02-10` - `2022-02-10`	a year	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-20`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-05-05`	a month	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-03-24` - `2022-03-30`	a year	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.eyeota.net R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
rtactivate.com Amazon	`2020-06-11` - `2021-07-11`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.w55c.net Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://gratonresortcasino.com/
Frame ID: D545FD7419EC28C6822FBD08FB039ED8
Requests: 70 HTTP requests in this frame

Frame: https://8902294.fls.doubleclick.net/activityi;dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
Frame ID: 15664CD483417A8B96692255EA8DE71A
Requests: 1 HTTP requests in this frame

Frame: https://8923196.fls.doubleclick.net/activityi;dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
Frame ID: A7F3BD01FB8FFB085FFE879264225221
Requests: 1 HTTP requests in this frame

Frame: https://20822499p.rfihub.com/ca.html?ver=9&rb=40146&ca=20822499&_o=undefined&_t=undefined&pe=https%3A%2F%2Fgratonresortcasino.com%2F&pf=&ra=09927731102989656
Frame ID: 5A77A0A98AC561E6B5437322478475A8
Requests: 21 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
Frame ID: 837BA918C085ADCE5CFD57FF24B14F38
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
Frame ID: A8CA4F51848D7D545629341192AE923E
Requests: 1 HTTP requests in this frame

Frame: https://8923196.fls.doubleclick.net/ddm/fls/r/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
Frame ID: 5BE964D8AC51A3FBCB747589AE4DBD87
Requests: 9 HTTP requests in this frame

Frame: https://8902294.fls.doubleclick.net/ddm/fls/r/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
Frame ID: 2774043DC86531B01DE81A7A939E1228
Requests: 7 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3&co=aHR0cHM6Ly9ncmF0b25yZXNvcnRjYXNpbm8uY29tOjQ0Mw..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=qqkiteszms4r
Frame ID: DE78F2A72226FBC8836829B84A28B0FA
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://gratonresortcasino.com/ HTTP 301
https://gratonresortcasino.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

OpenSSL (Web Server Extensions) Expand

Overall confidence: 100%
Detected patterns

headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

119
Requests

100 %
HTTPS

41 %
IPv6

36
Domains

50
Subdomains

37
IPs

6
Countries

2845 kB
Transfer

4258 kB
Size

10
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://rooms.gratonresortcasino.com/CGI-BIN/LANSAWEB?procfun+rn+resnet+GRA+funcparms+UP(A2560):;BAR;NaNNaN0N;NaN;00;00;;;;;;;;;;?/
Title: book now

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Graton+Resort+and+Casino/@38.3607529,-122.725532,17z/data=!4m8!3m7!1s0x8085808b0c127b6d:0x81db74f6d3a83de0!5m2!4m1!1i2!8m2!3d38.3607529!4d-122.7233433
Title:

Search URL Search Domain Scan URL

URL: https://www.facebook.com/GratonCasino
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/gratoncasino
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/playgraton
Title:

Search URL Search Domain Scan URL

URL: https://www.chargerback.com/ReportLostItemCBEmbed.asp?CustomerID=14164
Title: Lost & Found

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://gratonresortcasino.com/ HTTP 301
https://gratonresortcasino.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 50

https://8902294.fls.doubleclick.net/activityi;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F HTTP 302
https://8902294.fls.doubleclick.net/activityi;dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Request Chain 51

https://8923196.fls.doubleclick.net/activityi;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F HTTP 302
https://8923196.fls.doubleclick.net/activityi;dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Request Chain 60

https://ad.doubleclick.net/ddm/activity/src=8262897;type=sales;cat=grato000;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8262897;dc_pre=CNWXpb_agPACFRntGQodN5wC0A;type=sales;cat=grato000;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=8262897;dc_pre=CNWXpb_agPACFRntGQodN5wC0A;type=sales;cat=grato000;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&sjrn_ula=923637306 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&sjrn_ula=923637306&google_tc= HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&sjrn_ula=923637306&google_gid=CAESEMUVCY5ThFrgPylGGZ-exqk&google_cver=1

Request Chain 62

https://cm.g.doubleclick.net/pixel?google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern_adh HTTP 302
https://cm.g.doubleclick.net/pixel?google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern_adh&google_tc= HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDorW__EpgEDIslG_nKUJ_UrmJgSGdrarOPukR3czlrxCEcvDcuAX93zdJNUHjUAiUJioSu9kmW__vi96VxutQdY0WQcGXzOmLoIF_lkM-zdTzGdEtro HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorW__EpgEDIslG_nKUJ_UrmJgSGdrarOPukR3czlrxCEcvDcuAX93zdJNUHjUAiUJioSu9kmW__vi96VxutQdY0WQcGXzOmLoIF_lkM-zdTzGdEtro

Request Chain 63

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DWX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc HTTP 302
https://pixel.sojern.com/idsync/apn?id=9058995466096312716&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc

Request Chain 64

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=ed11d33c-6d1f-4791-9c50-2cf9afed66c7&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc

Request Chain 67

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MDQ3MTU5NDMwNTIwMzgyNw==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEPhTF7FBJvxc5wgjr6xf7QE&google_cver=1

Request Chain 69

https://stags.bluekai.com/site/4722?id=1870471594305203827&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=TnG2199999Y04cCQ&forward=

Request Chain 71

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1870471594305203827&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1870471594305203827&redir=

Request Chain 72

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1870471594305203827&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1870471594305203827&forward=&C=1

Request Chain 76

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1870471594305203827&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1870471594305203827&img=1&__user_check__=1&sync_id=a2c32c3d-9e0a-11eb-a47e-155da6fd0106

Request Chain 80

https://x.bidswitch.net/sync?dsp_id=119&user_id=1870471594305203827&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1870471594305203827&expires=30

Request Chain 81

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=1870471594305203827&bid=omt9pi0

Request Chain 82

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YHhuwAAAIOm8zgA4 HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YHhuwAAAIOm8zgA4&_test=YHhuwAAAIOm8zgA4

Request Chain 84

https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP 302
https://p.rfihub.com/cm?in=1&pub=17945&userid=aa110f04-e6ca-4d89-97bf-97ec8ef609d8

Request Chain 85

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1870471594305203827&referrer=https%3A%2F%2Fgratonresortcasino.com%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=4657e030-071c-4f87-99e1-fdca35d1eadc%3A1618505408.92&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4657e030-071c-4f87-99e1-fdca35d1eadc%253A1618505408.92 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=4657e030-071c-4f87-99e1-fdca35d1eadc%3A1618505408.92 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFhyoOOUk5wxzksxWzLvUJM&google_cver=1

Request Chain 88

https://adservice.google.de/ddm/fls/i/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F HTTP 302
https://8923196.fls.doubleclick.net/ddm/fls/r/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Request Chain 89

https://adservice.google.de/ddm/fls/i/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F HTTP 302
https://8902294.fls.doubleclick.net/ddm/fls/r/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Request Chain 99

https://tags.w55c.net/rs?id=8307605575884c4fadc6455ef50b1084&t=marketing HTTP 302
https://tags.w55c.net/rs?sccid=73364a09-5965-5bad-07f0-d48ad359677b&scc=1&id=8307605575884c4fadc6455ef50b1084&t=marketing

Request Chain 104

https://cm.g.doubleclick.net/pixel?google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDope4XBH5f4ij_tUfT4J_e7e4BUPqnnoXNqcQn02eHj6MTsDzomtXRVruM8Q9mB4qPctSim9NmwyF8oC0oq3mmaYiaOHt5HJsCNnlZk409WrcEjYEQA HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDope4XBH5f4ij_tUfT4J_e7e4BUPqnnoXNqcQn02eHj6MTsDzomtXRVruM8Q9mB4qPctSim9NmwyF8oC0oq3mmaYiaOHt5HJsCNnlZk409WrcEjYEQA

Request Chain 105

https://ad.doubleclick.net/ddm/activity/src=8262897;type=sales;cat=graft0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8262897;dc_pre=COa_xL_agPACFUBCHgIdWyEC-Q;type=sales;cat=graft0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP 302
https://adservice.google.com/ddm/fls/z/src=8262897;dc_pre=COa_xL_agPACFUBCHgIdWyEC-Q;type=sales;cat=graft0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

119 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
gratonresortcasino.com/
Redirect Chain

http://gratonresortcasino.com/
https://gratonresortcasino.com/

114 KB
115 KB

1655ms
1298ms

Document
text/html

13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 14d0f5a36c3f4271ee7ca8fe17fba06419a2420196a988849d91b652bb5e753f

Request headers

Host: gratonresortcasino.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Date: Thu, 15 Apr 2021 16:50:06 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Link: <https://gratonresortcasino.com/wp-json/>; rel="https://api.w.org/" <https://gratonresortcasino.com/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json" <https://gratonresortcasino.com/>; rel=shortlink
X-Cache: Miss from cloudfront
Via: 1.1 a68097bdd514e6082da61e488096dbfb.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: K4Eda2ZsorWt-BWvJpUGseOkYUxmKR63WBoT70dsv_L3vqkfNhxmTA==

Redirect headers

Server: CloudFront
Date: Thu, 15 Apr 2021 16:50:04 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://gratonresortcasino.com/
X-Cache: Redirect from cloudfront
Via: 1.1 fe2fe7a38191445e99bcf68919904597.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: E_iysQrkYD0GnOM7G82kys3DRQetKU-FrDgSyq-RfIqmmupDsWMHRw==

GET
H/1.1 200
OK gotham-book.woff2
gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/Gotham/ 18 KB
19 KB 529ms
187ms Font
application/octet-stream 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/Gotham/gotham-book.woff2
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: b7c280d3715373b8b4cc8989706e059bf8c1d3ceedcd0cc985d74b18bf626cfa

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://gratonresortcasino.com
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Origin: https://gratonresortcasino.com
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:25 GMT
Via: 1.1 6ac65de939573cb26099f6407fa8e169.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:50 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 282
ETag: "48b0-5bda5b2c6f0c8"
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 18608
X-Amz-Cf-Id: 0ehhRaAKVA_u0n8R2qUf_d0AYCLgtYE8-6yKuBwt3ApNS2CyqYcaCQ==

GET
H/1.1 200
OK gotham-bold.woff2
gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/Gotham/ 18 KB
18 KB 543ms
196ms Font
application/octet-stream 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/Gotham/gotham-bold.woff2
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 169be81b24c41457eeac197d2f6ad2dd2838d98599adf905b6cb134550c1ef9f

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://gratonresortcasino.com
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Origin: https://gratonresortcasino.com
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:25 GMT
Via: 1.1 f846651d60359ebb3a1181bfa98b2e85.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:50 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 282
ETag: "47f4-5bda5b2cac928"
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 18420
X-Amz-Cf-Id: H8jjZ3Cs26MBhY7e-6O6vE_4SHzhaIlfMochze27hoCnTh4HQ0REyg==

GET
H/1.1 200
OK gotham-medium.woff2
gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/Gotham/ 18 KB
19 KB 544ms
190ms Font
application/octet-stream 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/Gotham/gotham-medium.woff2
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 83e47443b6c55e5abd64e31fd336ded02de6024df5057c93990ca5e9705b1725

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://gratonresortcasino.com
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Origin: https://gratonresortcasino.com
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:25 GMT
Via: 1.1 a68097bdd514e6082da61e488096dbfb.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:50 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 282
ETag: "49d8-5bda5b2c85ff8"
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 18904
X-Amz-Cf-Id: -tE0iNgUM1GcezLJ_EWVB2d4JR2XtDJT7QkwgLfE1F1Gh6OajG3Wpw==

GET
H/1.1 200
OK gotham-light.woff2
gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/Gotham/ 18 KB
18 KB 555ms
197ms Font
application/octet-stream 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/Gotham/gotham-light.woff2
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: ea24ada0340a180509e7b001c942956f11e5ea345a335c2be1f6358579ae65c8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://gratonresortcasino.com
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Origin: https://gratonresortcasino.com
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:25 GMT
Via: 1.1 f97210398b4cfef9ad2de33146167726.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:50 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 282
ETag: "47c8-5bda5b2cbe650"
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 18376
X-Amz-Cf-Id: XxbORG0nmeKOulpKuEqPYjWIN9kR4LMU4XUbbqKKP6CNfVFoKnutog==

GET
H/1.1 200
OK avenir-next-regular.woff2
gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/avenir-next/ 65 KB
65 KB 727ms
189ms Font
application/octet-stream 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/avenir-next/avenir-next-regular.woff2
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: ccbcc2e35045cc6d24c97856d611e08715dfe11ebe1ed2014b5a207367445510

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://gratonresortcasino.com
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Origin: https://gratonresortcasino.com
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:28 GMT
Via: 1.1 6ac65de939573cb26099f6407fa8e169.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:49 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 99
ETag: "10404-5bda5b2c3c830"
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 66564
X-Amz-Cf-Id: 4HJPj7-xvObecDyFtHxQE5sGxKRhzfbED78l96kh7Jk_EmncZtNNXQ==

GET
H/1.1 200
OK avenir-next-bold.woff2
gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/avenir-next/ 63 KB
63 KB 730ms
188ms Font
application/octet-stream 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/fonts/custom-fonts/avenir-next/avenir-next-bold.woff2
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: ae1770d62a2252513a871afa811b8bdeb491dea05f29daf1644dee199a1afedb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://gratonresortcasino.com
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Origin: https://gratonresortcasino.com
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:28 GMT
Via: 1.1 2ea3413b4cef1ac5b49fbdfbe748ef18.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:49 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 99
ETag: "fb1c-5bda5b2bacb68"
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 64284
X-Amz-Cf-Id: nGXrmSiEsWwWtx_g46eYaL2RsEzUickiFsppRV-4SCzNuJffM-cZYA==

GET
H/1.1 200
OK fontawesome-webfont.woff2
gratonresortcasino.com/wp-content/themes/understrap-child/fonts/ 75 KB
76 KB 732ms
189ms Font
application/octet-stream 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/fonts/fontawesome-webfont.woff2
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://gratonresortcasino.com
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Origin: https://gratonresortcasino.com
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:30 GMT
Via: 1.1 f846651d60359ebb3a1181bfa98b2e85.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:48 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 97
ETag: "12d68-5bda5b2b3c2a0"
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 77160
X-Amz-Cf-Id: _xFMy1WCw4iMbHb-TdoWB3bDc3umsktsAIutvpvOgironhMYwGyumg==

GET
H/1.1 200
OK style.min.css
gratonresortcasino.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 352ms
185ms Stylesheet
text/css 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-includes/css/dist/block-library/style.min.css?ver=4d00cc16543a1e671a84a7e0d19e889c
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:25 GMT
Content-Encoding: gzip
Last-Modified: Mon, 22 Feb 2021 17:17:28 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 281
ETag: W/"c88a-5bbeff9f64f00"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 a68097bdd514e6082da61e488096dbfb.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: u18CL0WfjebWaGBQ039yz3EizUnnZVAkFMpZtkHR5PIzR3siW5MFHA==

GET
H/1.1 200
OK styles.css
gratonresortcasino.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 540ms
201ms Stylesheet
text/css 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.4
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:28 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 12:42:53 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 99
ETag: W/"a46-5bcc96c3a78c8"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 2ea3413b4cef1ac5b49fbdfbe748ef18.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: vO6NT5UTBhJHj-Z84KBnLJJagVgDfNECXvk8HSVYB0tSZLSnWxt9fg==

GET
H/1.1 200
OK child-theme.min.css
gratonresortcasino.com/wp-content/themes/understrap-child/css/ 507 KB
59 KB 526ms
187ms Stylesheet
text/css 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 3238c2a5c17143f644defd11323b528d4a61d806bb44e8248e2ee9f835093865

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: text/css,*/*;q=0.1
Cache-Control: no-cache
Sec-Fetch-Dest: style
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:28 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Mar 2021 11:30:39 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 99
ETag: W/"7ea1c-5bda5b226efd8"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: text/css
Via: 1.1 221819fbf7724b735246ce8b6af9132f.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: iisrJRZhHImJcW4cMMFURmPtLrvu3SDzcpF3haDTIQbuMkZwxMPIUA==

GET
H/1.1 200
OK jquery-3.5.1.min.js Show response
gratonresortcasino.com/wp-content/plugins/jquery-updater/js/ 87 KB
31 KB 723ms
178ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/plugins/jquery-updater/js/jquery-3.5.1.min.js?ver=3.5.1
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:28 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2020 06:05:13 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 99
ETag: W/"15d84-5b68ea8979d28"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 a68097bdd514e6082da61e488096dbfb.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: XIzIc8XIBXdwPkjLMDRbKTqnfpCxwPiOfPvpJW_bGto7XjmSIn7jSg==

GET
H/1.1 200
OK jquery-migrate-3.3.0.min.js Show response
gratonresortcasino.com/wp-content/plugins/jquery-updater/js/ 11 KB
4 KB 742ms
180ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.3.0.min.js?ver=3.3.0
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: c19def3576a41fd9383f4d1f3460256cdd0f929292ca145aefa205cb85753d81

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Dec 2020 06:05:13 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 98
ETag: W/"2b08-5b68ea89704d0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f97210398b4cfef9ad2de33146167726.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: U4uZZS3Fu4WxGlMRfd06ffmSactYY_8un_2QamtDnXj7qNVxy77e4A==

GET
H/1.1 200
OK home-slider.min.js Show response
gratonresortcasino.com/wp-content/themes/understrap-child/js/ 6 KB
2 KB 842ms
171ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/js/home-slider.min.js?ver=0.5.5900001
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: c525d1451ef57add208417bb118ca9be2a091419d4bfdd84001918069861b69d

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:29 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Mar 2021 11:30:40 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 98
ETag: W/"169b-5bda5b238e198"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 221819fbf7724b735246ce8b6af9132f.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: LPZyxAsOJHK8QY0vNn3KY68rHRnpV5FoYVH8Vm4f7aYCx_ueHIomoA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 111 KB
38 KB 35ms
32ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M8N3H9P

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80a0600300dba5a045704e2922768c9cb5902a83625494649b191d169ee6eab3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:07 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38293
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 15:31:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Apr 2021 16:50:07 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
gratonresortcasino.com/wp-includes/js/ 14 KB
5 KB 172ms
170ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-includes/js/wp-emoji-release.min.js?ver=4d00cc16543a1e671a84a7e0d19e889c
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 08:43:11 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 282
ETag: W/"3795-5ba7eb1961550"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2ea3413b4cef1ac5b49fbdfbe748ef18.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: h66Ji19of7Jha5imYYAPdr-v2fINUnIsQclTtFETfo1W12QISeFWXA==

GET
H2 200 GRT-15013_PRESSURE-COOKER-WEBSOCIAL-565x625-1.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2021/03/09155641/ 157 KB
158 KB 58ms
24ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2021/03/09155641/GRT-15013_PRESSURE-COOKER-WEBSOCIAL-565x625-1.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a552fc47976562149b9247ee7d5ebb013ddd55ad64f2a9f7c83c958dcca36859

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 14:52:59 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Tue, 09 Mar 2021 23:56:42 GMT
server: AmazonS3
age: 1475829
etag: "43ad254ab071f429c8d1e8a9ac2f13c3"
x-cache: Hit from cloudfront
x-amz-version-id: zYtkBj8mF_zmzMfS_TY6._GSTmhpbQ8d
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 160975
x-amz-cf-id: 1yMprtRfJP8YHOtW1CdJ3FUYTlZVP5pUIy5z3e1Ba5WxkV_c6_w2-Q==
expires: Wed, 09 Mar 2022 23:56:41 GMT

GET
H2 200 HJ-200638_Promos_Evergreen_565x6253.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142552/ 33 KB
34 KB 56ms
22ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142552/HJ-200638_Promos_Evergreen_565x6253.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 52ed393a01b79faa5f8bdcce964c15e824e054a707db5a5f09779bf8b4172f5c

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 03:20:24 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:53 GMT
server: AmazonS3
age: 5750984
etag: "d54458c538b0687cc7d3af99f18498ab"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 34119
x-amz-cf-id: 0-UTlEmnQ2q-Yclv9hPVo95PlEKRwtLHzALMNo-ZewpNr9YjYljh3g==
expires: Sat, 18 Dec 2021 14:25:52 GMT

GET
H2 200 HJ-200638_Promos_Evergreen_565x6252.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142552/ 47 KB
47 KB 45ms
12ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142552/HJ-200638_Promos_Evergreen_565x6252.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1320330f3e55f28a775029da7931bc484328fb0ea2ebdbbc594ded640674aeb0

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 04 Feb 2021 12:32:37 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:53 GMT
server: AmazonS3
age: 6063451
etag: "13919a9f2985ca5b1dfdf4aac0714982"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 47723
x-amz-cf-id: 3ABk33w1WxHcWadPD4F1AkAHblGzsKvczVRN_hI_X4Hgr132r1TFsQ==
expires: Sat, 18 Dec 2021 14:25:52 GMT

GET
H2 200 HJ-200638_Promos_Evergreen_565x625.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142552/ 46 KB
46 KB 62ms
29ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142552/HJ-200638_Promos_Evergreen_565x625.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1b1a6b6ed0c7272f207d23b911782adc056ab95590cdab3566f9cdad02138bff

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 07:05:32 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:54 GMT
server: AmazonS3
age: 6255876
etag: "6a3dc2e09920779b56341841c5f76037"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 46823
x-amz-cf-id: LY2jzaurnZWIBa5SZgydG9bXLx6YDQBPQ8Pe2f5DRU94koKDQFBlYg==
expires: Sat, 18 Dec 2021 14:25:52 GMT

GET
H2 200 Graton_3025King_v3s_565x625.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142555/ 56 KB
57 KB 45ms
12ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142555/Graton_3025King_v3s_565x625.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9290da584011cfaf8159a53a856bffdd3d47c70ba958c54195365065c9550274

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 29 Jan 2021 16:29:47 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:56 GMT
server: AmazonS3
age: 6567621
etag: "503abd5766ef78649c77b384fc08ba6b"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 57536
x-amz-cf-id: r5NROrzNzhM2c7Q7OfN4WkXH-qNWxvjStF_Fm7K6G3TrG7akVArU_A==
expires: Sat, 18 Dec 2021 14:25:55 GMT

GET
H2 200 Booking-01-Image.png
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142838/ 160 KB
161 KB 29ms
26ms Image
image/png 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142838/Booking-01-Image.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 36d6e18cead8b7fc0df7771a0504f07d003dc73db02017517270af2b0fa673d8

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 03:55:18 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:28:39 GMT
server: AmazonS3
age: 5489689
etag: "cb40f0027d9b18b2ce79b3b5af903f1a"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 164044
x-amz-cf-id: 3YtQZ6L7YcqsNIFQuH5n370GubsYqsh_YsIU109j02apqQivT1G_jQ==
expires: Sat, 18 Dec 2021 14:28:38 GMT

GET
H2 200 iStock-624474514_675x400.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142554/ 29 KB
29 KB 63ms
61ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142554/iStock-624474514_675x400.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b58b361f54c60ea6f7f276f068766df9f330c2740412973a60565d4f19003b24

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 03:20:24 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:55 GMT
server: AmazonS3
age: 5750984
etag: "c56abcaf28cf37db2adc20b9692f142b"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 29358
x-amz-cf-id: iD9mftSKvkuwYHfp-JdLjFiJ35sSRnBv1cuiQ83eBvg4lheQuWvHkg==
expires: Sat, 18 Dec 2021 14:25:54 GMT

GET
H2 200 Graton_SpaWomensTranquility_v2s_675x400.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142554/ 46 KB
47 KB 14ms
12ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142554/Graton_SpaWomensTranquility_v2s_675x400.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ae8d8f2df4c8214ee2e0348398060d8c5301aec19703a30fc0196cb8e05098e2

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 03:20:24 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:55 GMT
server: AmazonS3
age: 5750984
etag: "3fb6afb5d7763a1525960631e34d41ad"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 47355
x-amz-cf-id: BIIp9i6XK_Nu_24Uk685hdVx-wo9rLuVj8zzKeNNpuTt2EPEbZS8xg==
expires: Sat, 18 Dec 2021 14:25:54 GMT

GET
H2 200 630ParkSteakhouseHero_675x400.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142554/ 50 KB
51 KB 17ms
15ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142554/630ParkSteakhouseHero_675x400.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a7a1e62e56cf30e058cb9264a56ca0c4d4702d385a3b38506b15c3ec65a3e3dd

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 02 Feb 2021 07:05:32 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:55 GMT
server: AmazonS3
age: 6255876
etag: "5a04c56b30d90ea66b1fee71f4a77417"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 51372
x-amz-cf-id: 3uliUH8f0tC1yKlCLhO9gNDmlCFSzqAb9TjcKqpu36p6NykVNURclQ==
expires: Sat, 18 Dec 2021 14:25:54 GMT

GET
H2 200 graton_20180223-day-4-0637_565x510.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142554/ 55 KB
55 KB 16ms
14ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142554/graton_20180223-day-4-0637_565x510.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 87b7fc08b701ebe637cb6d8079f510482e8202805b010e5d1b7296be76cca322

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 03:20:24 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:55 GMT
server: AmazonS3
age: 5750984
etag: "fb5973fe813db3a58a6ce045d9d2bcf4"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 55834
x-amz-cf-id: M4GTC8OYDSiFsLQwNBgKNRc5vnyaBsUNyBw5ZxEjkAf1PyOjMIsQYA==
expires: Sat, 18 Dec 2021 14:25:54 GMT

GET
H/1.1 200
OK wp-polyfill.min.js Show response
gratonresortcasino.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 188ms
185ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2020 23:03:19 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 98
ETag: W/"183ee-5b4f66ee82b68"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 221819fbf7724b735246ce8b6af9132f.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: 5rpeDf7kwvwjYYjtur_qQGmfF1OVkGbU58Two2tvX4OiAeTjfpoutg==

GET
H/1.1 200
OK i18n.min.js Show response
gratonresortcasino.com/wp-includes/js/dist/ 9 KB
4 KB 182ms
179ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-includes/js/dist/i18n.min.js?ver=ac389435e7fd4ded01cf603f3aaba6a6
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: c52c11cc9338b3eab968a005a5a0d6cbb9f80da1016d4f755078a8ecfd089bcb

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:39:55 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 08:43:07 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 612
ETag: W/"253c-5ba7eb158fcb0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 a68097bdd514e6082da61e488096dbfb.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: QeUs60BcmGXz-qgkRZjANU0bb0TU387xAVNA5fepFd1eShS2gz4aSQ==

GET
H/1.1 200
OK lodash.min.js Show response
gratonresortcasino.com/wp-includes/js/dist/vendor/ 71 KB
26 KB 203ms
200ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-includes/js/dist/vendor/lodash.min.js?ver=4.17.19
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:48:29 GMT
Content-Encoding: gzip
Last-Modified: Wed, 25 Nov 2020 23:03:19 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 98
ETag: W/"11c65-5b4f66ee64708"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f97210398b4cfef9ad2de33146167726.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: nnO9cYymwQNMGtxrYBbwdfmSLAwQZUjMepxpRlntUv2R1Lg_y7zUwg==

GET
H/1.1 200
OK url.min.js Show response
gratonresortcasino.com/wp-includes/js/dist/ 13 KB
5 KB 173ms
172ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-includes/js/dist/url.min.js?ver=98645f0502e5ed8dadffd161e39072d2
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: f5d1de019f464e8279bd2003b66defb192aee756b3675dacf468a9d39e7a7240

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 08:43:03 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 281
ETag: W/"35f3-5ba7eb121cbc8"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f846651d60359ebb3a1181bfa98b2e85.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: JzVZx_ZZsJSfWtWGc2csFgnY2bf3e5MK73HbR77gTLc_j2O8Jw15AQ==

GET
H/1.1 200
OK hooks.min.js Show response
gratonresortcasino.com/wp-includes/js/dist/ 6 KB
3 KB 171ms
171ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-includes/js/dist/hooks.min.js?ver=84b89ab09cbfb4469f02183611cc0939
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: d59bf6f772c44e0fb74fae16abb757bddf2600adc89641262accbe06d68b7de1

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 08:43:06 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 281
ETag: W/"181e-5ba7eb14b1a00"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2ea3413b4cef1ac5b49fbdfbe748ef18.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: nryfEZbIa0Kdp15di9mkMafUQFeArwVVhtGx-h1D6oXHVuo6GnEdYw==

GET
H/1.1 200
OK api-fetch.min.js Show response
gratonresortcasino.com/wp-includes/js/dist/ 12 KB
4 KB 182ms
181ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-includes/js/dist/api-fetch.min.js?ver=4dec825c071b87c57f687eb90f7c23c3
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: d87aaa11549edb8037c429c32d083c7004d4fb26db52c09ce84dc4c09cc476b9

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 08:43:06 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 281
ETag: W/"30a3-5ba7eb14741a0"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f97210398b4cfef9ad2de33146167726.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: uQlrvAap0s_h3vU-We4bf9l4SOpSiwL-BvP335Mp3gJyZcXoP5uWCQ==

GET
H/1.1 200
OK index.js Show response
gratonresortcasino.com/wp-content/plugins/contact-form-7/includes/js/ 11 KB
4 KB 170ms
169ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 12:42:53 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 281
ETag: W/"2ac2-5bcc96c3b5f40"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 2ea3413b4cef1ac5b49fbdfbe748ef18.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: GDwKxoC66JHTciK9wG-obxIpnycAld5x_xRvCj6zzAakvm_-Vj1DTw==

GET
H/1.1 200
OK smush-lazy-load.min.js Show response
gratonresortcasino.com/wp-content/plugins/wp-smush-pro/app/assets/js/ 8 KB
4 KB 174ms
173ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/plugins/wp-smush-pro/app/assets/js/smush-lazy-load.min.js?ver=3.8.4
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 19 Mar 2021 08:42:04 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 281
ETag: W/"1eee-5bddfb0c56748"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 6ac65de939573cb26099f6407fa8e169.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: V7a2qgASnIaJDa3pCW_vOlbiPgkHLadJk7_zTvLdgiuoKrZ_HOQQ3A==

GET
H/1.1 200
OK child-theme.min.js Show response
gratonresortcasino.com/wp-content/themes/understrap-child/js/ 96 KB
26 KB 187ms
186ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/js/child-theme.min.js?ver=0.5.5900001
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 7e4a31eacb48660d0bf468145e917d6240f75a47b98673a189279268d788dcce

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Content-Encoding: gzip
Last-Modified: Tue, 16 Mar 2021 11:30:40 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 282
ETag: W/"17f9f-5bda5b235f398"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 221819fbf7724b735246ce8b6af9132f.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: P1McB1Md4oeZlca_nLA96dQOFOl5N_OQxHKswcqI0munLzAM3xNg1w==

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
676 B 77ms
74ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3&ver=3.0

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6ea6159c0fd34ded781dcd6111de9e9abb7f9e621e09cd393ef919dd7cc5b5ff

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 584
x-xss-protection: 1; mode=block
expires: Thu, 15 Apr 2021 16:50:07 GMT

GET
H/1.1 200
OK index.js Show response
gratonresortcasino.com/wp-content/plugins/contact-form-7/modules/recaptcha/ 4 KB
2 KB 171ms
170ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/plugins/contact-form-7/modules/recaptcha/index.js?ver=5.4
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 671792033b9675a4d8ddbdfbb6b048da36b11b6d569c4f92ad3f785e71bba8de

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Content-Encoding: gzip
Last-Modified: Fri, 05 Mar 2021 12:42:52 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 282
ETag: W/"e8b-5bcc96c2a2518"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 f846651d60359ebb3a1181bfa98b2e85.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: U8Mfnq0ulW586LJYM2CbdGz3bN6dwyOZf7TdU_RhVSFA0CP8JRrF2A==

GET
H/1.1 200
OK wp-embed.min.js Show response
gratonresortcasino.com/wp-includes/js/ 1 KB
1 KB 181ms
180ms Script
application/javascript 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-includes/js/wp-embed.min.js?ver=4d00cc16543a1e671a84a7e0d19e889c
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: script
Referer: https://gratonresortcasino.com/
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Content-Encoding: gzip
Last-Modified: Thu, 04 Feb 2021 08:43:09 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 282
ETag: W/"592-5ba7eb17d5560"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Via: 1.1 a68097bdd514e6082da61e488096dbfb.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: PHX50-C1
X-Amz-Cf-Id: m1DcV7L8amPCdA-K1xdhQSB4IDwRuR3638u1bizJ9szdEQZraU3f0A==

GET
DATA 200
OK truncated
/ 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK Hero-Overlay.png
gratonresortcasino.com/wp-content/themes/understrap-child/img/generals/ 27 KB
27 KB 309ms
191ms Image
image/png 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/img/generals/Hero-Overlay.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 0bffb3c9d4c39ac2080bd7d61dfcbec9b2de0d445261a91fa19132cea7d4d65e

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Connection: keep-alive
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Via: 1.1 a68097bdd514e6082da61e488096dbfb.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:44 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 281
ETag: "6b25-5bda5b27229a8"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 27429
X-Amz-Cf-Id: cbaxsXvBFvccwGIumDgYDwA1H3JRf8V0qvGzbcTW_cki-OKqjGFRtQ==

GET
H/1.1 200
OK left-arrow.png
gratonresortcasino.com/wp-content/themes/understrap-child/img/generals/ 347 B
820 B 312ms
170ms Image
image/png 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/img/generals/left-arrow.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 32086d2374fbb741f61598bfcaa9834b5bafcf47bfca17d01f7ca7c1194fee10

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Connection: keep-alive
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:39:55 GMT
Via: 1.1 221819fbf7724b735246ce8b6af9132f.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:44 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 612
ETag: "15b-5bda5b2772ae8"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 347
X-Amz-Cf-Id: EmR-9e31uQV633tXWBjBHXhju5DrXlFMRhyPLvp8vbh1wckcfKoviw==

GET
H/1.1 200
OK right-arrow.png
gratonresortcasino.com/wp-content/themes/understrap-child/img/generals/ 336 B
809 B 315ms
170ms Image
image/png 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/img/generals/right-arrow.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 7d295296ba33a6b6477696a149c222f5c8e07a41055c0895c5883c1922179054

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Connection: keep-alive
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:39:55 GMT
Via: 1.1 f846651d60359ebb3a1181bfa98b2e85.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:44 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 612
ETag: "150-5bda5b275c388"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 336
X-Amz-Cf-Id: iawIZhLZVvZ2uBiAo9_4KI3oJpCCHXXS7IrmxbWtkOn7ev18eOgcgg==

GET
H2 200 PromoBG-1920-Curve-V2-1.png
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142452/ 117 KB
117 KB 31ms
28ms Image
image/png 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142452/PromoBG-1920-Curve-V2-1.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1e3f3d4763ec6b675e00617895509a8e724dc4746cd94882941a84823cfd17c3

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 11:49:22 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:24:53 GMT
server: AmazonS3
age: 2437246
etag: "00f6d988c3477d8c7af78b80904ca017"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 119403
x-amz-cf-id: k3wSnlEe4cT2jfBwbrYXmqPOWIKUJZm0lVv6cQ-yK_ksCVTzQzGX4g==
expires: Sat, 18 Dec 2021 14:24:52 GMT

GET
H2 200 Booking-BG-1920.png
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142742/ 168 KB
169 KB 23ms
21ms Image
image/png 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142742/Booking-BG-1920.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6a25fe466a8346987bce0fc05b86f85762cfa3acc0b6fb3ca8bb946770d769fd

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 03:55:19 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:27:44 GMT
server: AmazonS3
age: 5489689
etag: "92239b6bcaba5944682d80a896a5fcb6"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 172310
x-amz-cf-id: rstBdlBBZo7S-wKcSR2xgbe_b7k7xXu7UpZ9q9ruJ9fdVKg95P0wpQ==
expires: Sat, 18 Dec 2021 14:27:42 GMT

GET
H2 200 Experience-BG-1920-1.png
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/10/18142920/ 19 KB
19 KB 19ms
17ms Image
image/png 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/10/18142920/Experience-BG-1920-1.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e4ddf4cd3bb81b9a71e265ccc2f5530c6607690ad04d52db5db8e8de4e725505

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 03:55:19 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:29:21 GMT
server: AmazonS3
age: 5489689
etag: "4d03fbb6f47aa0383fc9f8b3f4d285a0"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 19213
x-amz-cf-id: QWFpkzhvHcdAKBUM4Z-P-tmYiQ-dP92WRKlWSIQp6K2q4qScg1n-Ow==
expires: Sat, 18 Dec 2021 14:29:20 GMT

GET
H/1.1 200
OK Slider-Overlay.png
gratonresortcasino.com/wp-content/themes/understrap-child/img/experience/ 3 KB
3 KB 234ms
234ms Image
image/png 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/img/experience/Slider-Overlay.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 611ebba237a91b59a6b0f1c618fb42b66c700606dc30921fba88b381c5aa01e7

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:50:08 GMT
Via: 1.1 6ac65de939573cb26099f6407fa8e169.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:45 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
X-Amz-Cf-Pop: PHX50-C1
ETag: "bb6-5bda5b2786b38"
X-Cache: RefreshHit from cloudfront
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2998
X-Amz-Cf-Id: F8N1E3_8tuAmK3AvSc0vuWwFKLy2FSA4ouGqJGn-ps0wrW-ve0yAVQ==

GET
H2 200 Rewards-1920-Curve.png
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142529/ 177 KB
177 KB 21ms
19ms Image
image/png 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142529/Rewards-1920-Curve.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2922003b2a349ff82479dbe37388650e82ee133794cbc5abc359fe5e703650fd

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 29 Mar 2021 14:52:59 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:30 GMT
server: AmazonS3
age: 1475828
etag: "c69ccb167686fae76831a7ab96d64952"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 181076
x-amz-cf-id: ycg8yw3p0hlQLh4kd4oCEzI8zaJqvBgt91WaZXBIGsiDSbIvFfYw0w==
expires: Sat, 18 Dec 2021 14:25:29 GMT

GET
H2 200 Gaming-BG-1920.png
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142732/ 185 KB
185 KB 27ms
24ms Image
image/png 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142732/Gaming-BG-1920.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cd7dbd577fe6523df243d0f4a58ece2823030ecead80ed607df06406cd4b041a

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 00:57:03 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:27:33 GMT
server: AmazonS3
age: 2562785
etag: "c8ed214edc6c53baf3a8c7b8138a2bbc"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 189024
x-amz-cf-id: B5ZJc04dMJ5PT059fC6o4u_JcWjdipL0Nt0DvAN3jTNZciz12x4gyg==
expires: Sat, 18 Dec 2021 14:27:32 GMT

GET
H2 200 Contact-Us-BG-1920-V2-1.png
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142502/ 16 KB
16 KB 18ms
15ms Image
image/png 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142502/Contact-Us-BG-1920-V2-1.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5640bb830e2acbef33624b7d528f044cc65694e4b295a975c96f9b29e9ff943

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 03:55:19 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:03 GMT
server: AmazonS3
age: 5489689
etag: "fbd652114bc8f5b2e86dcd77a4cbbec0"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/png
content-length: 15908
x-amz-cf-id: 6UQEmLpEj8qSSA94vVnGbxAQObvjHkewx7jJ4peYRBNX14k2fBlnEw==
expires: Sat, 18 Dec 2021 14:25:02 GMT

GET
H/1.1 200
OK Footer-BG-1920.png
gratonresortcasino.com/wp-content/themes/understrap-child/img/footer/ 11 KB
11 KB 170ms
170ms Image
image/png 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/img/footer/Footer-BG-1920.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: a8f7faf0db57761fd22f595d1a05c6ea1e9695acd68b164f6cad401aa0621f31

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:39:55 GMT
Via: 1.1 f846651d60359ebb3a1181bfa98b2e85.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:45 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 613
ETag: "2a8f-5bda5b27a5b50"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 10895
X-Amz-Cf-Id: _bueVRYCbfLiLbqUkYGa6NAEmEwpWAYeK74lZLR-fUrgYtCWsDvGTQ==

GET
H/1.1 200
OK fontawesome-webfont.woff2
gratonresortcasino.com/wp-content/themes/understrap-child/fonts/ 75 KB
76 KB 182ms
181ms Font
application/octet-stream 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Origin: https://gratonresortcasino.com
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors
Accept: */*
Cache-Control: no-cache
Sec-Fetch-Dest: font
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
Connection: keep-alive
Origin: https://gratonresortcasino.com
Referer: https://gratonresortcasino.com/wp-content/themes/understrap-child/css/child-theme.min.css?ver=0.5.5900001
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:39:55 GMT
Via: 1.1 6ac65de939573cb26099f6407fa8e169.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:48 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 612
ETag: "12d68-5bda5b2b3c2a0"
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 77160
X-Amz-Cf-Id: fS8sPVn16UBKcOFlOoBGHQuonSGUDVSrygXDj94XBgGqyUjTKxzVRw==

GET
H3-29

200

activityi;dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F Show response
8902294.fls.doubleclick.net/ Frame 1566
Redirect Chain

https://8902294.fls.doubleclick.net/activityi;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?
https://8902294.fls.doubleclick.net/activityi;dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgr...

489 B
409 B

135ms
69ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8902294.fls.doubleclick.net/activityi;dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8N3H9P

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

80a7fde36463242ed3563710d24967a52c1c1588e31792b6c8dc9c5f5c38247f

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8902294.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gratonresortcasino.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 384
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Apr-2021 17:05:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8902294.fls.doubleclick.net/activityi;dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

activityi;dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F Show response
8923196.fls.doubleclick.net/ Frame A7F3
Redirect Chain

https://8923196.fls.doubleclick.net/activityi;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?
https://8923196.fls.doubleclick.net/activityi;dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgrat...

487 B
406 B

134ms
68ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8923196.fls.doubleclick.net/activityi;dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8N3H9P

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

2f062009434f87d2ebc1e3af77ab82c0f15bea61bbd887e7fd03dd9cce3675eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8923196.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gratonresortcasino.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 381
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 15-Apr-2021 17:05:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:07 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8923196.fls.doubleclick.net/activityi;dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M8N3H9P

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 7013
date: Thu, 15 Apr 2021 14:53:14 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Thu, 15 Apr 2021 16:53:14 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 39ms
7ms Script
application/x-javascript 2600:9000:21f3:e600:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:e600:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 15:58:11 GMT
content-encoding: gzip
last-modified: Thu, 15 Apr 2021 15:58:01 GMT
server: Jetty(9.3.29.v20201019)
age: 3116
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA2-C2
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: m-4rGQnaahobflST4awJM8iMd8yB36vfbpJw6jiNq18oHvSQ3-PVKQ==
expires: Thu, 15 Apr 2021 16:58:11 GMT

GET
H2 200 255014 Show response
beacon.sojern.com/pixel/p/ 4 KB
960 B 119ms
55ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/255014?f_v=v6_js&p_v=1&pc=&vid=hot&cid=
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 7bab1863edc3bc3996529df69f3f398bea8c9f7dd90eeb1195aba0094f9cdf00

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:07 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
content-encoding: gzip
content-type: application/javascript
alt-svc: clear
content-length: 697

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=555309358&t=pageview&_s=1&dl=https%3A%2F%2Fgratonresortcasino.com%2F&ul=en-us&de=UTF-8&dt=Graton%20Casino%20%26%20Resort%20%7C%20Bay%20Area%20Casino%20in%20Rohnert%20Park&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1869796793&gjid=2036349037&cid=651161342.1618505408&tid=UA-38300776-1&_gid=288139324.1618505408&_r=1&gtm=2wg472M8N3H9P&z=484401159

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gratonresortcasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-38300776-1&cid=651161342.1618505408&jid=1869796793&gjid=2036349037&_gid=288139324.1618505408&_u=YEBAAEAAAAAAAC~&z=2144608723

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 15 Apr 2021 16:50:07 GMT
content-type: text/plain
access-control-allow-origin: https://gratonresortcasino.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set ca.html Show response
20822499p.rfihub.com/ Frame 5A77 3 KB
4 KB 224ms
58ms Document
text/html 193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20822499p.rfihub.com/ca.html?ver=9&rb=40146&ca=20822499&_o=undefined&_t=undefined&pe=https%3A%2F%2Fgratonresortcasino.com%2F&pf=&ra=09927731102989656
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 3e280d3a7ab1c59e5218d21fdd19e01c9386971596928ffb62274061e5186a9e

Request headers

Host: 20822499p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://gratonresortcasino.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gratonresortcasino.com/

Response headers

Date: Thu, 15 Apr 2021 16:50:08 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmhhamBqYmBhYGS5Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwuN_wldPwsq_xYafxMrmnncaO5H4y8SRuU_QuMDAO9x-SowAQAA; Path=/; Domain=.rfihub.com; Expires=Tue, 10 May 2022 16:50:08 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDE2MDUyMLYwMhfiM9T1dTE3iDctdMpyMymW4jU0M7QwNTA1MbAwMLIAADXWbxk0AAAA; Path=/; Domain=.rfihub.com; Expires=Tue, 10 May 2022 16:50:08 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDE2MDUyMLYwMhfiM9T1dTE3iDctdMpyMykGAGT7xGQlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2940
Server: Jetty(9.3.29.v20201019)

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
65 B 32ms
31ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-38300776-1&cid=651161342.1618505408&jid=1869796793&_u=YEBAAEAAAAAAAC~&z=139187230

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 31ms
30ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-38300776-1&cid=651161342.1618505408&jid=1869796793&_u=YEBAAEAAAAAAAC~&z=139187230

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:07 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

src=8262897;dc_pre=CNWXpb_agPACFRntGQodN5wC0A;type=sales;cat=grato000;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8262897;type=sales;cat=grato000;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
https://ad.doubleclick.net/ddm/activity/src=8262897;dc_pre=CNWXpb_agPACFRntGQodN5wC0A;type=sales;cat=grato000;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[Orde...
https://adservice.google.com/ddm/fls/z/src=8262897;dc_pre=CNWXpb_agPACFRntGQodN5wC0A;type=sales;cat=grato000;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

42 B
63 B

43ms
42ms

Image
image/gif

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8262897;dc_pre=CNWXpb_agPACFRntGQodN5wC0A;type=sales;cat=grato000;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8262897;dc_pre=CNWXpb_agPACFRntGQodN5wC0A;type=sales;cat=grato000;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj...
https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&sjrn_ula=923637306&google_gid=CAESEMUVCY5ThFrgPylGGZ-exqk&google_cver=1

42 B
273 B

55ms
52ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&sjrn_ula=923637306&google_gid=CAESEMUVCY5ThFrgPylGGZ-exqk&google_cver=1
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&sjrn_ula=923637306&google_gid=CAESEMUVCY5ThFrgPylGGZ-exqk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern_adh
https://cm.g.doubleclick.net/pixel?google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern_adh&google_tc=
https://fcmatch.google.com/pixel?google_gm=AMnCDorW__EpgEDIslG_nKUJ_UrmJgSGdrarOPukR3czlrxCEcvDcuAX93zdJNUHjUAiUJioSu9kmW__vi96VxutQdY0WQcGXzOmLoIF_lkM-zdTzGdEtro
https://fcmatch.youtube.com/pixel?google_gm=AMnCDorW__EpgEDIslG_nKUJ_UrmJgSGdrarOPukR3czlrxCEcvDcuAX93zdJNUHjUAiUJioSu9kmW__vi96VxutQdY0WQcGXzOmLoIF_lkM-zdTzGdEtro

170 B
529 B

37ms
14ms

Image
image/png

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDorW__EpgEDIslG_nKUJ_UrmJgSGdrarOPukR3czlrxCEcvDcuAX93zdJNUHjUAiUJioSu9kmW__vi96VxutQdY0WQcGXzOmLoIF_lkM-zdTzGdEtro

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDorW__EpgEDIslG_nKUJ_UrmJgSGdrarOPukR3czlrxCEcvDcuAX93zdJNUHjUAiUJioSu9kmW__vi96VxutQdY0WQcGXzOmLoIF_lkM-zdTzGdEtro
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DWX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc
https://pixel.sojern.com/idsync/apn?id=9058995466096312716&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc

42 B
276 B

55ms
54ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=9058995466096312716&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 16:50:08 GMT
X-Proxy-Origin: 185.236.42.214; 185.236.42.214; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.203:80
AN-X-Request-Uuid: 66de5c5f-80d7-44b1-b713-64d862162810
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.sojern.com/idsync/apn?id=9058995466096312716&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=ed11d33c-6d1f-4791-9c50-2cf9afed66c7&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc

42 B
276 B

55ms
54ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=ed11d33c-6d1f-4791-9c50-2cf9afed66c7&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.sojern.com/idsync/ttd?id=ed11d33c-6d1f-4791-9c50-2cf9afed66c7&sjrn_id=WX67z20yxGfnK9KFkqTSRjzTd_57EFYtxewFZWopx0J94gWJvQj3ZsU7cMiJk2kc
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 327

GET
H/1.1 200
OK Graton-Logo-White.png
gratonresortcasino.com/wp-content/themes/understrap-child/img/logo/ 3 KB
3 KB 179ms
179ms Image
image/png 13.33.25.41
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gratonresortcasino.com/wp-content/themes/understrap-child/img/logo/Graton-Logo-White.png
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.33.25.41 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-33-25-41.phx50.r.cloudfront.net
Software: Apache/2.4.46 () OpenSSL/1.0.2k-fips /
Resource Hash: ab034c7b1ca5f1bf3bcc5ad8cd44e26bcc1cbc11f00ce099f17f772c1883e4c6

Request headers

Pragma: no-cache
Sec-Fetch-Site: same-origin
Accept-Encoding: gzip, deflate, br
Host: gratonresortcasino.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: no-cors
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control: no-cache
Sec-Fetch-Dest: image
Referer: https://gratonresortcasino.com/
Cookie: _gcl_au=1.1.1763224146.1618505408; _ga=GA1.2.651161342.1618505408; _gid=GA1.2.288139324.1618505408; _gat_UA-38300776-1=1
Connection: keep-alive
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:45:26 GMT
Via: 1.1 f97210398b4cfef9ad2de33146167726.cloudfront.net (CloudFront)
Last-Modified: Tue, 16 Mar 2021 11:30:45 GMT
Server: Apache/2.4.46 () OpenSSL/1.0.2k-fips
Age: 282
ETag: "b31-5bda5b2837758"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: PHX50-C1
Accept-Ranges: bytes
Content-Length: 2865
X-Amz-Cf-Id: h_0YRjkO37c3U5M6DhSrSgThZUg1CPyc9qlxSFvhpIqRb8XedGt1zg==

GET
H2 200 dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame 837B 486 B
615 B 42ms
42ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Requested by

Host: 8923196.fls.doubleclick.net
URL: https://8923196.fls.doubleclick.net/activityi;dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

af1aca5968c934d2d68a6dff5f6154524d1432a17728863504349be79153741f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8923196.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8923196.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 382
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 5A77
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3MDQ3MTU5NDMwNTIwMzgyNw==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEPhTF7FBJvxc5wgjr6xf7QE&google_cver=1

42 B
1 KB

222ms
56ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEPhTF7FBJvxc5wgjr6xf7QE&google_cver=1
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:50:08 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEPhTF7FBJvxc5wgjr6xf7QE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame 5A77 43 B
1010 B 51ms
48ms Image
image/gif 37.252.172.37
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=1870471594305203827

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.37 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

691.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 16:50:08 GMT
X-Proxy-Origin: 185.236.42.214; 185.236.42.214; 691.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.109:80
AN-X-Request-Uuid: 0a700239-a575-41a7-9b1b-e6a309f760e8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 5A77
Redirect Chain

https://stags.bluekai.com/site/4722?id=1870471594305203827&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=TnG2199999Y04cCQ&forward=

42 B
991 B

169ms
59ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=TnG2199999Y04cCQ&forward=
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:50:08 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=TnG2199999Y04cCQ&forward=
Date: Thu, 15 Apr 2021 16:50:08 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: de6e
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 5A77 0
239 B 218ms
55ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1870471594305203827
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 5A77
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1870471594305203827&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1870471594305203827&redir=

42 B
915 B

71ms
71ms

Image
image/gif

34.246.39.225
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1870471594305203827&redir=

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.246.39.225 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-246-39-225.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-09dfd850a.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: tSpmrXtMSSU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: HkMSS3SGRgI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1870471594305203827&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5A77
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1870471594305203827&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1870471594305203827&forward=&C=1

43 B
1005 B

89ms
88ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1870471594305203827&forward=&C=1
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 16:50:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 15 Apr 2021 16:50:08 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 16:50:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1870471594305203827&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Thu, 15 Apr 2021 16:50:08 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 5A77 0
444 B 27ms
6ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 5A77 42 B
416 B 118ms
55ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1870471594305203827
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Apr 2021 16:50:08 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 5A77 43 B
191 B 304ms
192ms Image
image/gif 23.79.152.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1870471594305203827

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-79-152-128.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
cache-control: max-age=0, no-cache, no-store
expires: Thu, 15 Apr 2021 16:50:08 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 5A77
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1870471594305203827&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1870471594305203827&img=1&__user_check__=1&sync_id=a2c32c3d-9e0a-11eb-a47e-155da6fd0106

43 B
547 B

53ms
53ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1870471594305203827&img=1&__user_check__=1&sync_id=a2c32c3d-9e0a-11eb-a47e-155da6fd0106
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:50:08 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 6
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Thu, 15 Apr 2021 16:50:08 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=1870471594305203827&img=1&__user_check__=1&sync_id=a2c32c3d-9e0a-11eb-a47e-155da6fd0106
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 91
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame 5A77 43 B
183 B 271ms
86ms Image
image/gif 2600:1f18:612b:4232:16e5:e760:b671:d648
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1870471594305203827&r=BSIL-x6b7t5s
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:16e5:e760:b671:d648 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 5A77 43 B
238 B 180ms
59ms Image
image/gif 52.56.207.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1870471594305203827
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.56.207.211 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-56-207-211.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 5A77 0
338 B 223ms
70ms Image
text/plain 34.246.207.243
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1870471594305203827
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.246.207.243 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-246-207-243.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
cache-control: private, no-cache, no-store
x-request-time: D=33 t=1618505408
x-served-by: beacon-n008-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame 5A77
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1870471594305203827&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1870471594305203827&expires=30

43 B
344 B

52ms
52ms

Image
image/gif

35.158.9.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1870471594305203827&expires=30
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.9.168 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-9-168.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1870471594305203827&expires=30
date: Thu, 15 Apr 2021 16:50:08 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 5A77
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=1870471594305203827&bid=omt9pi0

0
344 B

405ms
47ms

Image
text/plain

18.184.216.10
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1870471594305203827&bid=omt9pi0
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 18.184.216.10 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-216-10.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:50:08 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=1870471594305203827&bid=omt9pi0
Date: Thu, 15 Apr 2021 16:50:08 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 5A77
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YHhuwAAAIOm8zgA4
https://p.rfihub.com/cm?in=1&pub=21653&userid=YHhuwAAAIOm8zgA4&_test=YHhuwAAAIOm8zgA4

42 B
1 KB

56ms
55ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YHhuwAAAIOm8zgA4&_test=YHhuwAAAIOm8zgA4
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:50:08 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1618505409.587736,VS0,VE0
x-served-by: cache-hhn4074-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YHhuwAAAIOm8zgA4&_test=YHhuwAAAIOm8zgA4
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame 5A77 46 B
696 B 552ms
79ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1870471594305203827

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Thu, 15 Apr 2021 16:50:08 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Thu, 15 Apr 2021 16:50:08 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 5A77
Redirect Chain

https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
https://p.rfihub.com/cm?in=1&pub=17945&userid=aa110f04-e6ca-4d89-97bf-97ec8ef609d8

42 B
1 KB

55ms
55ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=17945&userid=aa110f04-e6ca-4d89-97bf-97ec8ef609d8
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Thu, 15 Apr 2021 16:50:09 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 16:50:07 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Location: https://p.rfihub.com/cm?in=1&pub=17945&userid=aa110f04-e6ca-4d89-97bf-97ec8ef609d8
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 213
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 5A77
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1870471594305203827&referrer=https%3A%2F%2Fgratonresortcasino.com%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=4657e030-071c-4f87-99e1-fdca35d1eadc%3A1618505408.92&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3D4657e030-071c-4f87-99e1-fdca35d1eadc...
https://idsync.rlcdn.com/501709.gif?partner_uid=4657e030-071c-4f87-99e1-fdca35d1eadc%3A1618505408.92
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFhyoOOUk5wxzksxWzLvUJM&google_cver=1

42 B
299 B

55ms
55ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFhyoOOUk5wxzksxWzLvUJM&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 15 Apr 2021 16:50:09 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:09 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESEFhyoOOUk5wxzksxWzLvUJM&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 5A77 43 B
109 B 625ms
187ms Image
image/gif 34.192.69.218
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1870471594305203827
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.192.69.218 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20822499p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2 200 dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame A8CA 488 B
454 B 42ms
42ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Requested by

Host: 8902294.fls.doubleclick.net
URL: https://8902294.fls.doubleclick.net/activityi;dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a0e1b4c1f52b5fa3ff2b955f158aa5c94b097c558a4deedf7d9613aea5c5947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://8902294.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8902294.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:08 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 384
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F Show response
8923196.fls.doubleclick.net/ddm/fls/r/ Frame 5BE9
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresort...
https://8923196.fls.doubleclick.net/ddm/fls/r/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgrat...

1 KB
651 B

71ms
71ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8923196.fls.doubleclick.net/ddm/fls/r/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

9306307dc5fa8b578d0ec0feda67ae5800950be5c40b4c1cf7d392b7ff4eb216

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8923196.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:08 GMT
expires: Thu, 15 Apr 2021 16:50:08 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 626
x-xss-protection: 0
set-cookie: IDE=AHWqTUlHLf-eLS0eGhpv5H3KNfZm04MKL-eSIMcHoNgfTOiawSeSJq0inApAIPhACc8; expires=Tue, 10-May-2022 16:50:08 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://8923196.fls.doubleclick.net/ddm/fls/r/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F Show response
8902294.fls.doubleclick.net/ddm/fls/r/ Frame 2774
Redirect Chain

https://adservice.google.de/ddm/fls/i/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonreso...
https://8902294.fls.doubleclick.net/ddm/fls/r/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgr...

1 KB
669 B

69ms
68ms

Document
text/html

142.250.74.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8902294.fls.doubleclick.net/ddm/fls/r/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.74.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f6.1e100.net

Software

cafe /

Resource Hash

995807f21961839f41177e1416e7e26c54b232803615763ffc2e0648d237883c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8902294.fls.doubleclick.net
:scheme: https
:path: /ddm/fls/r/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkjj4f0sY_ucZf7zrnLZxTmiEwoa7Eu1K3Aa2_Lo4mf5x4dUFwdmG9NCmZqugI
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:08 GMT
expires: Thu, 15 Apr 2021 16:50:08 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 646
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 15 Apr 2021 16:50:08 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://8902294.fls.doubleclick.net/ddm/fls/r/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ 334 KB
130 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://gratonresortcasino.com
Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1986
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133125
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 16:17:02 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=555309358&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgratonresortcasino.com%2F&ul=en-us&de=UTF-8&dt=Graton%20Casino%20%26%20Resort%20%7C%20Bay%20Area%20Casino%20in%20Rohnert%20Park&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Gaming%20Gaming%20Graton%20Rewards%20Slots%20Live%20Poker%20Room%20High%20Limit%20Gaming%20Table%20Games%20Winners%20VIP%20Hosting%20Team&ea=&el=Graton%20Casino%20%26%20Resort%20%7C%20Bay%20Area%20Casino%20in%20Rohnert%20Park&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=651161342.1618505408&tid=UA-38300776-1&_gid=288139324.1618505408&gtm=2wg472M8N3H9P&z=755960470

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24390
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=555309358&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgratonresortcasino.com%2F&ul=en-us&de=UTF-8&dt=Graton%20Casino%20%26%20Resort%20%7C%20Bay%20Area%20Casino%20in%20Rohnert%20Park&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Dining%20%26%20Entertainment%20Dining%20%26%20Entertainment%20Restaurants%20Marketplace%20Entertainment&ea=&el=Graton%20Casino%20%26%20Resort%20%7C%20Bay%20Area%20Casino%20in%20Rohnert%20Park&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=651161342.1618505408&tid=UA-38300776-1&_gid=288139324.1618505408&gtm=2wg472M8N3H9P&z=279223247

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24390
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=555309358&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgratonresortcasino.com%2F&ul=en-us&de=UTF-8&dt=Graton%20Casino%20%26%20Resort%20%7C%20Bay%20Area%20Casino%20in%20Rohnert%20Park&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Resort%20Resort%20Hotel%20Meetings%20%26%20Events%20Spa%20Pool&ea=&el=Graton%20Casino%20%26%20Resort%20%7C%20Bay%20Area%20Casino%20in%20Rohnert%20Park&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=651161342.1618505408&tid=UA-38300776-1&_gid=288139324.1618505408&gtm=2wg472M8N3H9P&z=105616753

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24390
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j89&a=555309358&t=event&ni=0&_s=1&dl=https%3A%2F%2Fgratonresortcasino.com%2F&ul=en-us&de=UTF-8&dt=Graton%20Casino%20%26%20Resort%20%7C%20Bay%20Area%20Casino%20in%20Rohnert%20Park&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=About%20About%20Contact%20Transportation%20FAQ%20Blog&ea=&el=Graton%20Casino%20%26%20Resort%20%7C%20Bay%20Area%20Casino%20in%20Rohnert%20Park&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=651161342.1618505408&tid=UA-38300776-1&_gid=288139324.1618505408&gtm=2wg472M8N3H9P&z=624777891

Requested by

Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 24390
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 grt_slots_day-1-0583_1920x1296.jpg
d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142555/ 248 KB
249 KB 15ms
15ms Image
image/jpeg 2600:9000:20eb:9400:12:6850:a180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d37qwjs3c1carq.cloudfront.net/wp-content/uploads/2020/11/18142555/grt_slots_day-1-0583_1920x1296.jpg
Requested by: Host: gratonresortcasino.com
URL: https://gratonresortcasino.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:9400:12:6850:a180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9adf3b4e19f4bfacb68a7a6c777c827be9fa024fc37246924186b3da3280e6e7

Request headers

Referer: https://gratonresortcasino.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 24 Feb 2021 00:04:29 GMT
via: 1.1 9568a708c8ab21597698ebe7dce6c42e.cloudfront.net (CloudFront)
last-modified: Fri, 18 Dec 2020 14:25:56 GMT
server: AmazonS3
age: 4380340
etag: "5e072f8d458963a0a8d3600a95d488f0"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31536000
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-type: image/jpeg
content-length: 254435
x-amz-cf-id: yCayTxYVCIm2dOVueRTQ2j9V0pcPu0ESTvfSZWRQAmhRc272twfPNQ==
expires: Sat, 18 Dec 2021 14:25:55 GMT

GET
H3-29 200 anchor Show response
www.google.com/recaptcha/api2/ Frame DE78 19 KB
10 KB 29ms
28ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3&co=aHR0cHM6Ly9ncmF0b25yZXNvcnRjYXNpbm8uY29tOjQ0Mw..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=qqkiteszms4r

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24114df3e45b7613ec2fbbdbc46c577de44e42045a11db381f5e8f3461871cb2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rjQBZH2PBZrMu8pmqKsOaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/anchor?ar=1&k=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3&co=aHR0cHM6Ly9ncmF0b25yZXNvcnRjYXNpbm8uY29tOjQ0Mw..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=qqkiteszms4r
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://gratonresortcasino.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://gratonresortcasino.com/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 15 Apr 2021 16:50:08 GMT
content-security-policy: script-src 'report-sample' 'nonce-rjQBZH2PBZrMu8pmqKsOaw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 10010
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ Frame 5BE9 88 KB
35 KB 52ms
30ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-707911747

Requested by

Host: 8923196.fls.doubleclick.net
URL: https://8923196.fls.doubleclick.net/ddm/fls/r/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95a2ff1587434460ce1cd740623d09712a48e98aad0a474cf7a4339a01b6d37c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://8923196.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35851
x-xss-protection: 0
last-modified: Thu, 15 Apr 2021 15:31:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 15 Apr 2021 16:50:08 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ Frame 5BE9 23 KB
9 KB 35ms
9ms Script
application/javascript 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: 8923196.fls.doubleclick.net
URL: https://8923196.fls.doubleclick.net/ddm/fls/r/dc_pre=COrCnb_agPACFQMcGwodhxUKHw;src=8923196;type=grato0;cat=grato0;ord=8016789875594;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1574e89f09d15f5c0b502e03318bf8e42f6993bc76761f01d4189d9c7cac1a2f

Request headers

Referer: https://8923196.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
content-encoding: gzip
etag: "9BXR5o2ektbbjpKQZDKFMQ=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 22 Apr 2021 16:50:08 GMT

GET
H/1.1

200

rs
tags.w55c.net/ Frame 2774
Redirect Chain

https://tags.w55c.net/rs?id=8307605575884c4fadc6455ef50b1084&t=marketing
https://tags.w55c.net/rs?sccid=73364a09-5965-5bad-07f0-d48ad359677b&scc=1&id=8307605575884c4fadc6455ef50b1084&t=marketing

42 B
637 B

48ms
48ms

Image
image/gif

18.157.138.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.w55c.net/rs?sccid=73364a09-5965-5bad-07f0-d48ad359677b&scc=1&id=8307605575884c4fadc6455ef50b1084&t=marketing
Requested by: Host: 8902294.fls.doubleclick.net
URL: https://8902294.fls.doubleclick.net/ddm/fls/r/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.157.138.23 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Retargeting/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://8902294.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 16:50:08 GMT
Server: Retargeting/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 16:50:08 GMT
Server: Retargeting/v2.0.30-639-g719035a#rel-ec2-master i-013d87c18de960209@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://tags.w55c.net/rs?sccid=73364a09-5965-5bad-07f0-d48ad359677b&scc=1&id=8307605575884c4fadc6455ef50b1084&t=marketing
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 194448 Show response
beacon.sojern.com/pixel/p/ Frame 2774 2 KB
730 B 75ms
74ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/p/194448?f_v=v6_js&p_v=1&vid=hot&cid=
Requested by: Host: 8902294.fls.doubleclick.net
URL: https://8902294.fls.doubleclick.net/ddm/fls/r/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 119.244.178.107.bc.googleusercontent.com
Software: /
Resource Hash: 9261c8e18ca527e4edd7c682dbf90dda50992a86e6fc45ea28da3f58fa9f450a

Request headers

Referer: https://8902294.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
content-encoding: gzip
content-type: application/javascript
alt-svc: clear
content-length: 573

GET
H2 200 rules-p-8SxB_qX2Svbjv.js Show response
rules.quantcount.com/ Frame 5BE9 821 B
1 KB 756ms
404ms Script
application/x-javascript 2600:9000:20e8:4400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-8SxB_qX2Svbjv.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20e8:4400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2a85c510b76037f4b496d633c0cb2b89dbca4617a9a86e4de611de5f7a0c76c

Request headers

Referer: https://8923196.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Thu, 15 Apr 2021 16:50:10 GMT
via: 1.1 e670d901736ac01599c0ed6fbe3a3c58.cloudfront.net (CloudFront)
last-modified: Tue, 09 Feb 2021 19:16:44 GMT
server: AmazonS3
x-amz-cf-pop: TXL52-C1
etag: "cb3c15a3c352ce9d720941c1d6aaaf98"
x-cache: RefreshHit from cloudfront
content-type: application/x-javascript
cache-control: max-age=3600
accept-ranges: bytes
content-length: 821
x-amz-cf-id: Qh6Ifo_4parrxPCV-uewVbcV6wZg2P7gYuTFsMmz3jx0a9BRXzHg5A==

GET
H3-29 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame DE78 50 KB
25 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3&co=aHR0cHM6Ly9ncmF0b25yZXNvcnRjYXNpbm8uY29tOjQ0Mw..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=qqkiteszms4r

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57bbc3327c673959cf5421bc0e40332d868768cfc303038d65802351e453ac34

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 12:03:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
age: 17228
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25497
x-xss-protection: 0
expires: Fri, 15 Apr 2022 12:03:00 GMT

GET
H3-29 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/ Frame DE78 334 KB
130 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:17:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1986
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133125
x-xss-protection: 0
last-modified: Mon, 12 Apr 2021 21:07:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Apr 2022 16:17:02 GMT

GET
H3-29

200

pixel
fcmatch.youtube.com/ Frame 2774
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=RvebFwo3pBZDY2Xsln-IyA&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDope4XBH5f4ij_tUfT4J_e7e4BUPqnnoXNqcQn02eHj6MTsDzomtXRVruM8Q9mB4qPctSim9NmwyF8oC0oq3mmaYiaOHt5HJsCNnlZk409WrcEjYEQA
https://fcmatch.youtube.com/pixel?google_gm=AMnCDope4XBH5f4ij_tUfT4J_e7e4BUPqnnoXNqcQn02eHj6MTsDzomtXRVruM8Q9mB4qPctSim9NmwyF8oC0oq3mmaYiaOHt5HJsCNnlZk409WrcEjYEQA

170 B
189 B

29ms
14ms

Image
image/png

2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDope4XBH5f4ij_tUfT4J_e7e4BUPqnnoXNqcQn02eHj6MTsDzomtXRVruM8Q9mB4qPctSim9NmwyF8oC0oq3mmaYiaOHt5HJsCNnlZk409WrcEjYEQA

Requested by

Host: 8902294.fls.doubleclick.net
URL: https://8902294.fls.doubleclick.net/ddm/fls/r/dc_pre=CKiQnr_agPACFYKEhQodPkINNw;src=8902294;type=grato000;cat=grato0;ord=4528790023905;gtm=2wg472;auiddc=1763224146.1618505408;~oref=https%3A%2F%2Fgratonresortcasino.com%2F

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://8902294.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDope4XBH5f4ij_tUfT4J_e7e4BUPqnnoXNqcQn02eHj6MTsDzomtXRVruM8Q9mB4qPctSim9NmwyF8oC0oq3mmaYiaOHt5HJsCNnlZk409WrcEjYEQA
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

src=8262897;dc_pre=COa_xL_agPACFUBCHgIdWyEC-Q;type=sales;cat=graft0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
adservice.google.com/ddm/fls/z/ Frame 2774
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8262897;type=sales;cat=graft0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
https://ad.doubleclick.net/ddm/activity/src=8262897;dc_pre=COa_xL_agPACFUBCHgIdWyEC-Q;type=sales;cat=graft0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
https://adservice.google.com/ddm/fls/z/src=8262897;dc_pre=COa_xL_agPACFUBCHgIdWyEC-Q;type=sales;cat=graft0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

42 B
63 B

42ms
42ms

Image
image/gif

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8262897;dc_pre=COa_xL_agPACFUBCHgIdWyEC-Q;type=sales;cat=graft0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8902294.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:08 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8262897;dc_pre=COa_xL_agPACFUBCHgIdWyEC-Q;type=sales;cat=graft0;qty=1;cost=0;u1=;u16=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ Frame 2774 0
994 B 439ms
69ms Image
application/javascript 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1132004&t=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://8902294.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 16:50:08 GMT
X-Proxy-Origin: 185.236.42.214; 185.236.42.214; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.222.247:80
AN-X-Request-Uuid: e40be5c0-e45a-42b2-9de5-f0920890a300
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ Frame 2774 0
1 KB 490ms
50ms Image
application/javascript 185.33.221.53
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=18436262&t=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://8902294.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 15 Apr 2021 16:50:08 GMT
X-Proxy-Origin: 185.236.42.214; 185.236.42.214; 718.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.186:80
AN-X-Request-Uuid: 4ac7c6cb-d0a8-4010-abac-1efdc686f5f4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ Frame 5BE9 36 KB
14 KB 442ms
69ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-707911747

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8923196.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13879
x-xss-protection: 0
server: cafe
etag: 4168474919333271250
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 15 Apr 2021 16:50:08 GMT

GET
H3-29 200 nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js Show response
www.google.com/js/bg/ Frame DE78 14 KB
6 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/bg/nJgQBbi9e67luuPQsbYqHEmsm830gYut4k8gaNTq0Fg.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c981005b8bd7baee5bae3d0b1b62a1c49ac9bcdf4818bade24f2068d4ead058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3&co=aHR0cHM6Ly9ncmF0b25yZXNvcnRjYXNpbm8uY29tOjQ0Mw..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=qqkiteszms4r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:33:29 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Wed, 24 Mar 2021 17:00:00 GMT
server: sffe
age: 76599
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5740
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:33:29 GMT

GET
H3-29 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame DE78 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 13 Apr 2021 16:01:47 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
age: 175701
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
expires: Tue, 20 Apr 2021 16:01:47 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DE78 15 KB
15 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
age: 369990
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame DE78 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.google.com
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 23:58:35 GMT
x-content-type-options: nosniff
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
age: 60693
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
expires: Thu, 14 Apr 2022 23:58:35 GMT

GET
H3-29 200 webworker.js
www.google.com/recaptcha/api2/ Frame DE78 102 B
131 B 23ms
17ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=mrdLhN7MywkJAAbzddTIjTaM

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c7d4fc4eb08918e0900462776d50c210770c83c9305934f7f85caf9035338eb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3&co=aHR0cHM6Ly9ncmF0b25yZXNvcnRjYXNpbm8uY29tOjQ0Mw..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=qqkiteszms4r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 15 Apr 2021 16:50:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Thu, 15 Apr 2021 16:50:08 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/707911747/ Frame 5BE9 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/707911747/?random=1618505409250&cv=9&fst=1618505409250&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&ig=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8923196.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOrCnb_agPACFQMcGwodhxUKHw%3Bsrc%3D8923196%3Btype%3Dgrato0%3Bcat%3Dgrato0%3Bord%3D8016789875594%3Bgtm%3D2wg472%3Bauiddc%3D1763224146.1618505408%3B~oref%3Dhttps%253A%252F%252Fgratonresortcasino.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b7eee43b8c073ae4069ad7b77a5b3c554af4ba0618ae603a493b571247b6475

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8923196.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1173
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 reload Show response
www.google.com/recaptcha/api2/ Frame DE78 9 KB
7 KB 43ms
43ms XHR
application/json 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/mrdLhN7MywkJAAbzddTIjTaM/recaptcha__en.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7ccf9aa655b6f797e74ca81c23d4ef7db7be886186652bdd36c9c94da1d04270

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcdIUAaAAAAAFsBmzArUbftKLBxI4tYVsajd1l3&co=aHR0cHM6Ly9ncmF0b25yZXNvcnRjYXNpbm8uY29tOjQ0Mw..&hl=en&v=mrdLhN7MywkJAAbzddTIjTaM&size=invisible&cb=qqkiteszms4r
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 15 Apr 2021 16:50:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
content-security-policy: frame-ancestors 'self'
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6666
x-xss-protection: 1; mode=block
expires: Thu, 15 Apr 2021 16:50:09 GMT

GET
H2 200 pixel;r=839623409;labels=_fp.event.Homepage;rf=0;a=p-8SxB_qX2Svbjv;url=https%3A%2F%2F8923196.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOrCnb_agPACFQMcGwodhxUKHw%3Bsrc%3D8923196%3Btype%3Dgrato...
pixel.quantserve.com/ Frame 5BE9 35 B
475 B 11ms
9ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=839623409;labels=_fp.event.Homepage;rf=0;a=p-8SxB_qX2Svbjv;url=https%3A%2F%2F8923196.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOrCnb_agPACFQMcGwodhxUKHw%3Bsrc%3D8923196%3Btype%3Dgrato0%3Bcat%3Dgrato0%3Bord%3D8016789875594%3Bgtm%3D2wg472%3Bauiddc%3D1763224146.1618505408%3B~oref%3Dhttps%253A%252F%252Fgratonresortcasino.com%252F;ref=https%3A%2F%2Fadservice.google.com%2F;uht=2;fpan=1;fpa=P0-88117066-1618505409263;pbcn=u;pbc=;ns=1;ce=1;qjs=1;qv=b0f2076b-20210414175820;cm=;gdpr=0;d=8923196.fls.doubleclick.net;je=0;sr=1600x1200x24;dst=1;et=1618505409263;tzo=-120;ogl=

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://8923196.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 /
www.google.com/pagead/1p-user-list/707911747/ Frame 5BE9 42 B
69 B 22ms
22ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/707911747/?random=1618505409250&cv=9&fst=1618502400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8923196.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOrCnb_agPACFQMcGwodhxUKHw%3Bsrc%3D8923196%3Btype%3Dgrato0%3Bcat%3Dgrato0%3Bord%3D8016789875594%3Bgtm%3D2wg472%3Bauiddc%3D1763224146.1618505408%3B~oref%3Dhttps%253A%252F%252Fgratonresortcasino.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&async=1&fmt=3&is_vtc=1&random=3542310803&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8923196.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 /
www.google.de/pagead/1p-user-list/707911747/ Frame 5BE9 42 B
64 B 38ms
22ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/707911747/?random=1618505409250&cv=9&fst=1618502400000&num=1&bg=ffffff&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa472&sendb=1&data=event%3Dgtag.config&frm=2&url=https%3A%2F%2F8923196.fls.doubleclick.net%2Fddm%2Ffls%2Fr%2Fdc_pre%3DCOrCnb_agPACFQMcGwodhxUKHw%3Bsrc%3D8923196%3Btype%3Dgrato0%3Bcat%3Dgrato0%3Bord%3D8016789875594%3Bgtm%3D2wg472%3Bauiddc%3D1763224146.1618505408%3B~oref%3Dhttps%253A%252F%252Fgratonresortcasino.com%252F&ref=https%3A%2F%2Fadservice.google.com%2F&async=1&fmt=3&is_vtc=1&random=3542310803&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8923196.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 15 Apr 2021 16:50:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/recaptcha	1970-01-19 21:54:17	Name: _GRECAPTCHA Value: 09ANblmngL-ZFsEit648iiNJ8dDfo8M8GX3HcHyZa26r015jHiQK-TLyzPK06QXsrZG0X-NxCGqUlO99Ofm_VoCYg
.rfihub.com/	1970-01-20 02:56:41	Name: eud Value: H4sIAAAAAAAAAF3Pv0oDQRAGcBSvCoHAvUFIuzKzmd3bsTss1EoEm5Sb_ZMQ0C4E8hgpr7zyypQ-go9gaZkyZSq18m62GPjBfN-w08nr-4NG_nsLoHD_shmjRWfAEDiD1Fz1DJo74U_hk_BF-HA9dCPcCnfCR-EP4bPM3wz9JdwWk8Xjerur6_rp-c3tVzV1RW_Fkj4W4uRIfHk08x4RMpBKNnhF0bHiapl_RwouZQsc3bkXYwC4iJpDqcmaKsEcFFQYFGVXKeaEKsfg5yZi8jHc_YduWTdlrxSta8th6bfwDw2aJ2DwAQAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDE2MDUyMLYwMhfiM9T1dTE3iDctdMpyMykGAGT7xGQlAAAA
.rfihub.com/	1970-01-20 02:56:41	Name: rud Value: H4sIAAAAAAAAAOMSNrQwNzAxNzS1NDE2MDUyMLYwMhfiM9T1dTE3iDctdMpyMymW4jU0M7QwNTA1MbAwMLIAADXWbxk0AAAA
.gratonresortcasino.com/	1970-01-19 17:35:05	Name: _gat_UA-38300776-1 Value: 1
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAABXEMQ5BQRAA0BAH-GcQ7cjM_7O7M7qNApVINL9cs7M0dCJROoYjOCVe8ebd8bbpSf9GZFsfPpNu3F7uj5zzbn-V5znze7oohQgbMni0AlxFQdOp_XITbxG1ymvWcwzJcUDARAbcJIGqE7RqZQiVvFRbUSQJGBhlqf0XS-CoLIEAAAA
.doubleclick.net/	1970-01-20 02:56:41	Name: IDE Value: AHWqTUlHLf-eLS0eGhpv5H3KNfZm04MKL-eSIMcHoNgfTOiawSeSJq0inApAIPhACc8
.gratonresortcasino.com/	1970-01-19 17:36:31	Name: _gid Value: GA1.2.288139324.1618505408
.gratonresortcasino.com/	1970-01-20 11:06:17	Name: _ga Value: GA1.2.651161342.1618505408
.gratonresortcasino.com/	1970-01-19 19:44:41	Name: _gcl_au Value: 1.1.1763224146.1618505408

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://gratonresortcasino.com/wp-content/plugins/jquery-updater/js/jquery-migrate-3.3.0.min.js?ver=3.3.0(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20822499p.rfihub.com
8902294.fls.doubleclick.net
8923196.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
ad.doubleclick.net
ads.yahoo.com
adservice.google.com
adservice.google.de
beacon.krxd.net
beacon.sojern.com
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cm.g.doubleclick.net
contextual.media.net
d37qwjs3c1carq.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
fcmatch.google.com
fcmatch.youtube.com
fonts.gstatic.com
googleads.g.doubleclick.net
gratonresortcasino.com
ib.adnxs.com
idsync.rlcdn.com
live.rezync.com
match.adsrvr.org
p.rfihub.com
partners.tremorhub.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sojern.com
ps.eyeota.net
rules.quantcount.com
secure.adnxs.com
secure.quantserve.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tags.w55c.net
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
x.dlx.addthis.com
107.178.244.119
13.33.25.41
142.250.185.130
142.250.186.130
142.250.74.198
151.101.114.49
18.157.138.23
18.184.216.10
185.33.221.53
185.94.180.126
193.0.160.129
2.18.234.21
2.18.235.93
23.45.110.176
23.79.152.128
2600:1f18:612b:4232:16e5:e760:b671:d648
2600:9000:20e8:4400:6:44e3:f8c0:93a1
2600:9000:20eb:9400:12:6850:a180:93a1
2600:9000:21f3:e600:1:76cf:fe80:93a1
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:80:800::7001
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:812::2004
2a00:1450:4001:813::200e
2a00:1450:4001:82a::2008
2a00:1450:4001:82b::200e
2a00:1450:400c:c0c::9c
34.192.69.218
34.246.207.243
34.246.39.225
35.158.9.168
35.244.174.68
37.252.172.37
52.56.207.211
69.173.144.139
80.252.91.52
99.80.111.254
99.84.156.85
030235ab6fc1739381df015b815a93e2ed3921f09832954dbacde9991708e27a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bffb3c9d4c39ac2080bd7d61dfcbec9b2de0d445261a91fa19132cea7d4d65e
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
1320330f3e55f28a775029da7931bc484328fb0ea2ebdbbc594ded640674aeb0
14d0f5a36c3f4271ee7ca8fe17fba06419a2420196a988849d91b652bb5e753f
1574e89f09d15f5c0b502e03318bf8e42f6993bc76761f01d4189d9c7cac1a2f
169be81b24c41457eeac197d2f6ad2dd2838d98599adf905b6cb134550c1ef9f
1b1a6b6ed0c7272f207d23b911782adc056ab95590cdab3566f9cdad02138bff
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1e3f3d4763ec6b675e00617895509a8e724dc4746cd94882941a84823cfd17c3
24114df3e45b7613ec2fbbdbc46c577de44e42045a11db381f5e8f3461871cb2
26f87df80e0735b6d6b169750f0ee403336c537cbc7a51888cb9d449434cb4b8
2922003b2a349ff82479dbe37388650e82ee133794cbc5abc359fe5e703650fd
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2f062009434f87d2ebc1e3af77ab82c0f15bea61bbd887e7fd03dd9cce3675eb
32086d2374fbb741f61598bfcaa9834b5bafcf47bfca17d01f7ca7c1194fee10
3238c2a5c17143f644defd11323b528d4a61d806bb44e8248e2ee9f835093865
36d6e18cead8b7fc0df7771a0504f07d003dc73db02017517270af2b0fa673d8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e280d3a7ab1c59e5218d21fdd19e01c9386971596928ffb62274061e5186a9e
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
52ed393a01b79faa5f8bdcce964c15e824e054a707db5a5f09779bf8b4172f5c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
57bbc3327c673959cf5421bc0e40332d868768cfc303038d65802351e453ac34
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
611ebba237a91b59a6b0f1c618fb42b66c700606dc30921fba88b381c5aa01e7
671792033b9675a4d8ddbdfbb6b048da36b11b6d569c4f92ad3f785e71bba8de
6a25fe466a8346987bce0fc05b86f85762cfa3acc0b6fb3ca8bb946770d769fd
6ea6159c0fd34ded781dcd6111de9e9abb7f9e621e09cd393ef919dd7cc5b5ff
7bab1863edc3bc3996529df69f3f398bea8c9f7dd90eeb1195aba0094f9cdf00
7ccf9aa655b6f797e74ca81c23d4ef7db7be886186652bdd36c9c94da1d04270
7d295296ba33a6b6477696a149c222f5c8e07a41055c0895c5883c1922179054
7e4a31eacb48660d0bf468145e917d6240f75a47b98673a189279268d788dcce
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
80a0600300dba5a045704e2922768c9cb5902a83625494649b191d169ee6eab3
80a7fde36463242ed3563710d24967a52c1c1588e31792b6c8dc9c5f5c38247f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83e47443b6c55e5abd64e31fd336ded02de6024df5057c93990ca5e9705b1725
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87b7fc08b701ebe637cb6d8079f510482e8202805b010e5d1b7296be76cca322
8a0e1b4c1f52b5fa3ff2b955f158aa5c94b097c558a4deedf7d9613aea5c5947
8b7eee43b8c073ae4069ad7b77a5b3c554af4ba0618ae603a493b571247b6475
9261c8e18ca527e4edd7c682dbf90dda50992a86e6fc45ea28da3f58fa9f450a
9290da584011cfaf8159a53a856bffdd3d47c70ba958c54195365065c9550274
9306307dc5fa8b578d0ec0feda67ae5800950be5c40b4c1cf7d392b7ff4eb216
95a2ff1587434460ce1cd740623d09712a48e98aad0a474cf7a4339a01b6d37c
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
995807f21961839f41177e1416e7e26c54b232803615763ffc2e0648d237883c
9adf3b4e19f4bfacb68a7a6c777c827be9fa024fc37246924186b3da3280e6e7
9c981005b8bd7baee5bae3d0b1b62a1c49ac9bcdf4818bade24f2068d4ead058
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a552fc47976562149b9247ee7d5ebb013ddd55ad64f2a9f7c83c958dcca36859
a7a1e62e56cf30e058cb9264a56ca0c4d4702d385a3b38506b15c3ec65a3e3dd
a8f7faf0db57761fd22f595d1a05c6ea1e9695acd68b164f6cad401aa0621f31
ab034c7b1ca5f1bf3bcc5ad8cd44e26bcc1cbc11f00ce099f17f772c1883e4c6
ae1770d62a2252513a871afa811b8bdeb491dea05f29daf1644dee199a1afedb
ae8d8f2df4c8214ee2e0348398060d8c5301aec19703a30fc0196cb8e05098e2
af1aca5968c934d2d68a6dff5f6154524d1432a17728863504349be79153741f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2a85c510b76037f4b496d633c0cb2b89dbca4617a9a86e4de611de5f7a0c76c
b30169a38c7ecd17eefc119177c0c61337b17a8f1abfd337ac37284d1a04a65b
b58b361f54c60ea6f7f276f068766df9f330c2740412973a60565d4f19003b24
b7c280d3715373b8b4cc8989706e059bf8c1d3ceedcd0cc985d74b18bf626cfa
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc9d705ee6c02fde87c2069b74221c2172f27d659282a53756f9b3634fab4f27
c19def3576a41fd9383f4d1f3460256cdd0f929292ca145aefa205cb85753d81
c525d1451ef57add208417bb118ca9be2a091419d4bfdd84001918069861b69d
c52c11cc9338b3eab968a005a5a0d6cbb9f80da1016d4f755078a8ecfd089bcb
c7d4fc4eb08918e0900462776d50c210770c83c9305934f7f85caf9035338eb7
ccbcc2e35045cc6d24c97856d611e08715dfe11ebe1ed2014b5a207367445510
ccff49c86ee1937dd371734a05307e1abc057b3c255587ed918e47b1cf728d93
cd7dbd577fe6523df243d0f4a58ece2823030ecead80ed607df06406cd4b041a
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d5640bb830e2acbef33624b7d528f044cc65694e4b295a975c96f9b29e9ff943
d59bf6f772c44e0fb74fae16abb757bddf2600adc89641262accbe06d68b7de1
d87aaa11549edb8037c429c32d083c7004d4fb26db52c09ce84dc4c09cc476b9
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4ddf4cd3bb81b9a71e265ccc2f5530c6607690ad04d52db5db8e8de4e725505
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ea24ada0340a180509e7b001c942956f11e5ea345a335c2be1f6358579ae65c8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5d1de019f464e8279bd2003b66defb192aee756b3675dacf468a9d39e7a7240
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f918adfae4672ad3160e57cc94881753f1c4ee02c9f7e3f569c17b4c8109594a
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

gratonresortcasino.com Open in urlscan Pro 13.33.25.41 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

119 Requests

100 %HTTPS

41 %IPv6

36 Domains

50 Subdomains

37 IPs

6 Countries

2845 kBTransfer

4258 kBSize

10 Cookies

6 Outgoing links

Page URL History

Redirected requests

119 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

gratonresortcasino.com Open in urlscan Pro
13.33.25.41 Public Scan

Screenshot
Live screenshot

Full Image

119
Requests

100 %
HTTPS

41 %
IPv6

36
Domains

50
Subdomains

37
IPs

6
Countries

2845 kB
Transfer

4258 kB
Size

10
Cookies

119 HTTP transactions
1 data transactions