www.downtowngrand.com Open in urlscan Pro
104.18.160.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://downtowngrand.com/
Effective URL:
https://www.downtowngrand.com/
Submission Tags: tranco_l324
Submission: On April 19 via api (April 19th 2024, 9:38:02 am UTC) from DE — Scanned from DE

Summary HTTP 117 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 44 IPs in 7 countries across 45 domains to perform 117 HTTP transactions. The main IP is 104.18.160.83, located in and belongs to CLOUDFLARENET, US. The main domain is www.downtowngrand.com.
TLS certificate: Issued by GTS CA 1P5 on April 3rd 2024. Valid for: 3 months.

This is the only time www.downtowngrand.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	104.18.160.83 104.18.160.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:1fea	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:267... 2600:9000:2670:5400:b:4a4a:a7c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225e:b400:1:279d:1d40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:c218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2600:9000:223... 2600:9000:223c:f800:5:8193:8e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.239.185.106 44.239.185.106	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:5049	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	3.122.209.4 3.122.209.4	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a01:111:202c... 2a01:111:202c::237	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	3.161.82.117 3.161.82.117	16509 (AMAZON-02) (AMAZON-02)
2	35.234.162.151 35.234.162.151	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
1 2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:a453	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	23.73.140.164 23.73.140.164	16625 (AKAMAI-AS) (AKAMAI-AS)
17 22	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:211... 2600:9000:211e:2c00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4200:3416:c384:676d:d461	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	3.127.182.109 3.127.182.109	16509 (AMAZON-02) (AMAZON-02)
1 1	18.194.168.76 18.194.168.76	16509 (AMAZON-02) (AMAZON-02)
2 2	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.244.174.68 35.244.174.68	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.78.254.47 54.78.254.47	16509 (AMAZON-02) (AMAZON-02)
1	52.44.174.41 52.44.174.41	14618 (AMAZON-AES) (AMAZON-AES)
1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.211.13.38 52.211.13.38	16509 (AMAZON-02) (AMAZON-02)
1	52.213.144.60 52.213.144.60	16509 (AMAZON-02) (AMAZON-02)
1 1	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 2	37.252.171.85 37.252.171.85	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
117	44

20 104.18.160.83 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

downtowngrand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.downtowngrand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1fea (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:2670:5400:b:4a4a:a7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

frontend.cdn.tambourine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

widgets.gtsgig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:b400:1:279d:1d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

forge.gtsgapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:c218 (United States)

ASN13335 (CLOUDFLARENET, US)

frontend.tambo.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:223c:f800:5:8193:8e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

symphony.cdn.tambourine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.185.106 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-185-106.us-west-2.compute.amazonaws.com

contact-api.inguest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5049 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.209.4 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-209-4.eu-central-1.compute.amazonaws.com

6119418.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a01:111:202c::237 (United Kingdom)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.226 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-117.fra56.r.cloudfront.net

www.thehotelsnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.234.162.151 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 151.162.234.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a453 (United States)

ASN13335 (CLOUDFLARENET, US)

api.tambourine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.73.140.164 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a23-73-140-164.deploy.static.akamaitechnologies.com

2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 34.91.62.186 (Groningen, Netherlands) 17 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:2c00:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4200:3416:c384:676d:d461 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.182.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-182-109.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.168.76 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-168-76.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.174.41 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-174-41.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.13.38 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-13-38.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.144.60 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-144-60.eu-west-1.compute.amazonaws.com

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.85 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	simpli.fi 17 redirects tag.simpli.fi — Cisco Umbrella Rank: 4569 i.simpli.fi — Cisco Umbrella Rank: 3930 um.simpli.fi — Cisco Umbrella Rank: 821	11 KB
21	tambourine.com frontend.cdn.tambourine.com — Cisco Umbrella Rank: 97065 symphony.cdn.tambourine.com — Cisco Umbrella Rank: 99674 api.tambourine.com — Cisco Umbrella Rank: 107193	9 MB
20	downtowngrand.com 1 redirects downtowngrand.com www.downtowngrand.com	453 KB
19	facebook.com www.facebook.com — Cisco Umbrella Rank: 97	650 B
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 180	81 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	362 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 36 cm.g.doubleclick.net — Cisco Umbrella Rank: 262	495 B
3	bing.com bat.bing.com — Cisco Umbrella Rank: 337	14 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 252	2 KB
2	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 457	140 B
2	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2441	886 B
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 543 d.agkn.com — Cisco Umbrella Rank: 717	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 492	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 536	712 B
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 123	20 KB
2	gstatic.com fonts.gstatic.com	55 KB
2	tambo.site frontend.tambo.site	28 KB
2	gtsgapps.com forge.gtsgapps.com — Cisco Umbrella Rank: 131698	21 KB
2	gtsgig.com 2 redirects widgets.gtsgig.com — Cisco Umbrella Rank: 154595	1010 B
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	2 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 528	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 378	239 B
1	google.de www.google.de — Cisco Umbrella Rank: 7278	64 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	24 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 837	205 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 974	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 986	479 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1613	421 B
1	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1967	324 B
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6610	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 409	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1264	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 666	236 B
1	rackcdn.com 2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com — Cisco Umbrella Rank: 168781	15 KB
1	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2404	250 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 622	149 B
1	thehotelsnetwork.com www.thehotelsnetwork.com — Cisco Umbrella Rank: 37734	8 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104	64 B
1	siteimproveanalytics.io 6119418.global.siteimproveanalytics.io — Cisco Umbrella Rank: 192227	149 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3573	6 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 817	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	31 KB
1	inguest.com contact-api.inguest.com — Cisco Umbrella Rank: 122491	2 KB
1	termly.io app.termly.io — Cisco Umbrella Rank: 14416	296 KB
0	intentiq.com Failed sync.intentiq.com Failed
117	45

	Domain	Requested by
22	um.simpli.fi	17 redirects
19	www.facebook.com	www.downtowngrand.com
19	www.downtowngrand.com	www.downtowngrand.com frontend.cdn.tambourine.com
16	symphony.cdn.tambourine.com	www.downtowngrand.com
5	connect.facebook.net	www.downtowngrand.com connect.facebook.net
4	www.googletagmanager.com	www.downtowngrand.com www.googletagmanager.com
4	frontend.cdn.tambourine.com	www.downtowngrand.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.downtowngrand.com
2	ib.adnxs.com	1 redirects
2	idsync.rlcdn.com
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	fonts.gstatic.com	fonts.googleapis.com
2	frontend.tambo.site	www.downtowngrand.com
2	forge.gtsgapps.com	www.downtowngrand.com
2	widgets.gtsgig.com	2 redirects
2	fonts.googleapis.com	www.downtowngrand.com
1	cm.g.doubleclick.net
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	www.google.com	1 redirects
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	loadm.exelator.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com
1	i.simpli.fi	tag.simpli.fi
1	api.tambourine.com	frontend.cdn.tambourine.com
1	region1.google-analytics.com	www.googletagmanager.com
1	insight.adsrvr.org	www.downtowngrand.com
1	tag.simpli.fi	www.googletagmanager.com
1	www.thehotelsnetwork.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	6119418.global.siteimproveanalytics.io	www.downtowngrand.com
1	siteimproveanalytics.com	www.downtowngrand.com
1	static.cloudflareinsights.com	www.downtowngrand.com
1	cdnjs.cloudflare.com	www.downtowngrand.com
1	contact-api.inguest.com	www.downtowngrand.com
1	app.termly.io	www.downtowngrand.com
1	downtowngrand.com	1 redirects
0	sync.intentiq.com Failed
117	52

This site contains links to these domains. Also see Links.

Domain
be.synxis.com
www.instagram.com
symphony.cdn.tambourine.com
www.google.com
www.facebook.com
twitter.com
preferredhotels.com
recruiting.adp.com
www.chargerback.com

Subject Issuer	Validity	Valid
downtowngrand.com GTS CA 1P5	`2024-04-03` - `2024-07-02`	3 months	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2023-05-03` - `2024-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
frontend.cdn.tambourine.com Amazon RSA 2048 M01	`2023-07-05` - `2024-08-02`	a year	crt.sh
tambo.site E1	`2024-03-25` - `2024-06-23`	3 months	crt.sh
symphony.cdn.tambourine.com Amazon RSA 2048 M02	`2024-01-25` - `2025-02-23`	a year	crt.sh
revinate.com Sectigo RSA Domain Validation Secure Server CA	`2024-02-05` - `2025-03-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-03-10` - `2024-06-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-04-18` - `2024-06-27`	2 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-01-27` - `2024-04-26`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2024-03-18` - `2024-06-10`	3 months	crt.sh
*.thehotelsnetwork.com Amazon RSA 2048 M03	`2023-09-21` - `2024-10-19`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
api.tambourine.com GTS CA 1P5	`2024-03-06` - `2024-06-04`	3 months	crt.sh
*.ssl.cf1.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-29` - `2025-01-29`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.downtowngrand.com/
Frame ID: 5EA5AA3D9A388B7180D5378A975443E5
Requests: 119 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Downtown Grand Hotel & Casino | Official Site

Page URL History Show full URLs

http://downtowngrand.com/ HTTP 307
https://downtowngrand.com/ HTTP 301
http://www.downtowngrand.com/ HTTP 307
https://www.downtowngrand.com/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Termly (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

app\.termly\.io/embed\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

117
Requests

83 %
HTTPS

50 %
IPv6

45
Domains

52
Subdomains

44
IPs

7
Countries

10781 kB
Transfer

13200 kB
Size

29
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://be.synxis.com/?chain=10237&currency=USD&hotel=10443&level=hotel&locale=en-US
Title: BOOK NOW

Search URL Search Domain Scan URL

URL: https://be.synxis.com/signin?_ga=2.111108614.2022330150.1667860689-1878032216.1661993128&_gl=1*mi7gz6*_ga*MTg3ODAzMjIxNi4xNjYxOTkzMTI4*_ga_8KQVZFDT29*MTY2Nzg2MDY4OC43MC4wLjE2Njc4NjA2OTcuNTEuMC4w&adult=1&arrive=2022-11-08&chain=10237&child=0&config=LASDG%C2%A4cy=USD&currency=USD&depart=2022-11-09&hotel=10443&level=hotel&locale=en-US&rooms=1&theme=LASDG
Title: Modify Existing Reservation

Search URL Search Domain Scan URL

URL: https://www.instagram.com/downtown_grand/
Title: downtown_grand

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/downtown_grand_14-65ca89ff02b26.webp

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/downtown_grand_18-65ef6c173afd0.webp

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/downtown_grand_19-65ef6cda5cd32.webp

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/downtown_grand_15-65ca8a50e2dd5.webp

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/downtown_grand_16-65e0db3118bcd.webp

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Downtown+Grand+Hotel+%26+Casino/@36.1716389,-115.1416128,15z/data=!4m8!3m7!1s0x0:0xd1adfef5affb8705!5m2!4m1!1i2!8m2!3d36.1716389!4d-115.1416128
Title: 206 N. 3rd St. Las Vegas, 89101

Search URL Search Domain Scan URL

URL: https://www.instagram.com/downtown_grand
Title: .cls-1 { fill: #0099b7; fill-rule: evenodd; } Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DowntownGrandLV
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Downtown_Grand
Title: .st0{fill:#0099B7;} Twitter

Search URL Search Domain Scan URL

URL: https://preferredhotels.com/iprefer/enroll?hotel=LASDG
Title: Downtown Grand Hotel & Casino

Search URL Search Domain Scan URL

URL: https://be.synxis.com/signin?adult=1&arrive=2022-03-02&chain=10237&child=0&config=LASDG%C2%A4cy=USD&currency=USD&depart=2022-03-03&hotel=10443&level=hotel&locale=en-US&rooms=1&theme=LASDG
Title: Modify Existing Reservation

Search URL Search Domain Scan URL

URL: https://recruiting.adp.com/srccar/public/RTI.home?c=1160151&d=ExternalCareerSite
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.chargerback.com/ReportLostItemCBEmbed.asp?CustomerID=6857
Title: Lost and Found

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://downtowngrand.com/ HTTP 307
https://downtowngrand.com/ HTTP 301
http://www.downtowngrand.com/ HTTP 307
https://www.downtowngrand.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://widgets.gtsgig.com/boot.js?hotel-downtown-grand HTTP 301
https://forge.gtsgapps.com/boot.js?hotel-downtown-grand

Request Chain 60

https://widgets.gtsgig.com/boot.js?hotel=downtown-grand HTTP 301
https://forge.gtsgapps.com/boot.js?hotel=downtown-grand

Request Chain 95

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=CC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 96

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/CC035AD393AD4645BAB1BB3DDD39DA3C HTTP 302
https://sync.1rx.io/usersync/simplifi/CC035AD393AD4645BAB1BB3DDD39DA3C?zcc=1&cb=1713519475690 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-f743e874-9f27-4bad-8808-5fceaed2df9e-003

Request Chain 97

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=CC035AD393AD4645BAB1BB3DDD39DA3C&dongle=yf3

Request Chain 98

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=CC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 99

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CC035AD393AD4645BAB1BB3DDD39DA3C HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 100

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=CC035AD393AD4645BAB1BB3DDD39DA3C HTTP 302
https://d.agkn.com/pixel/10751/?che=1713519475681&ip=138.199.38.133&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216623104857001188939 HTTP 302
https://um.simpli.fi/aa_px?sk=216623104857001188939 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 101

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 104

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=CC035AD393AD4645BAB1BB3DDD39DA3C;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=CC035AD393AD4645BAB1BB3DDD39DA3C;mimetype=img;sr HTTP 302
https://idsync.rlcdn.com/400646.gif?partner_uid=4887534150442960766

Request Chain 105

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=CC035AD393AD4645BAB1BB3DDD39DA3C&j=0

Request Chain 107

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=CC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 108

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=CC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 109

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 110

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=CC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 111

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=CC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 112

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1713519475485&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1790170722&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI4bedvf3NhQMVMaaDBx3XpwmiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vd3d3LmRvd250b3duZ3JhbmQuY29tLw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1790170722&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI4bedvf3NhQMVMaaDBx3XpwmiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vd3d3LmRvd250b3duZ3JhbmQuY29tLw&is_vtc=1&cid=CAQSKQB7FLtqJbm64ftcT5x3O9FbWHJaVwhcQ592p3PDLcZuc-nVXtnUMPl5&random=2050319361 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1790170722&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI4bedvf3NhQMVMaaDBx3XpwmiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vd3d3LmRvd250b3duZ3JhbmQuY29tLw&is_vtc=1&cid=CAQSKQB7FLtqJbm64ftcT5x3O9FbWHJaVwhcQ592p3PDLcZuc-nVXtnUMPl5&random=2050319361&ipr=y

Request Chain 114

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=CC035AD393AD4645BAB1BB3DDD39DA3C HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCC035AD393AD4645BAB1BB3DDD39DA3C

Request Chain 115

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CC035AD393AD4645BAB1BB3DDD39DA3C&expires=365

Request Chain 116

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=CC035AD393AD4645BAB1BB3DDD39DA3C

117 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.downtowngrand.com/
Redirect Chain

http://downtowngrand.com/
https://downtowngrand.com/
http://www.downtowngrand.com/
https://www.downtowngrand.com/

87 KB
17 KB

679ms
662ms

Document
text/html

104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b4f281e18e4dd27c51241ba9d3fb3addc7344c8d82c3f09a2ad125ac6e7b3c34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 876beb1b88c765ac-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 19 Apr 2024 09:37:52 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.downtowngrand.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 embed.min.js Show response
app.termly.io/ 994 KB
296 KB 254ms
61ms Script
application/javascript 2606:4700::6812:1fea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1fea , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f46b4cf8e5cc9add5eeafc7cb0a4607940cdb8f18dda48107f4e2a199bf89a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:52 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 7053
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Thu, 18 Apr 2024 21:23:13 GMT
server: cloudflare
etag: W/"66218f41-f87da"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 876beb21bcab6ae2-FRA
expires: Fri, 19 Apr 2024 13:37:52 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 224ms
31ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:200,300,regular,500,600|Jost:300,regular,500,200,600

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

13f44f67e029e2e9d0c55cafb39b8825edec88f065b687bb386fe7a42647b54a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Apr 2024 09:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 09:37:52 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Apr 2024 09:37:52 GMT

GET
H2 200 symphony.css
frontend.cdn.tambourine.com/assets/ 22 KB
23 KB 1378ms
1186ms Stylesheet
text/css 2600:9000:2670:5400:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/assets/symphony.css?D6CW2l
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5400:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9122305c0f2aeb3f1d123c1be6ae4cd4bb13eff00f7f06263709d825f05507a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
last-modified: Mon, 12 Feb 2024 21:28:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "cedac6609b5603591037359bb9fe71a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 22695
x-amz-cf-id: LljJbWQqziPJYmhVJdpvRZJSpMA9BncBuo5IKup3hraeb3b-mghQdQ==

GET
H2 200 style.css
www.downtowngrand.com/assets/ 303 KB
45 KB 149ms
134ms Stylesheet
text/css 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com/assets/style.css?D6CW2l

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8a2ffc94f24d970dd7b784e8dfdce99ff3a078c48307242642ce956a8379b8ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Thu, 04 Jan 2024 14:48:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"6596c55a-4bae1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
cf-ray: 876beb209eb165ac-FRA
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:52 GMT

GET
H2 200 jquery-3.7.0.min.js Show response
frontend.cdn.tambourine.com/assets/js/ 85 KB
86 KB 1236ms
1043ms Script
application/javascript 2600:9000:2670:5400:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/assets/js/jquery-3.7.0.min.js
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5400:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
last-modified: Mon, 12 Feb 2024 21:28:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "e6c2415c0ace414e5153670314ce99a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 87462
x-amz-cf-id: 5atjuPXGWnSBYixEiV8lV-zxx0wM-FrHg9Uvkv9K16uO87yR-zZVfA==

GET
H2

200

boot.js Show response
forge.gtsgapps.com/
Redirect Chain

https://widgets.gtsgig.com/boot.js?hotel-downtown-grand
https://forge.gtsgapps.com/boot.js?hotel-downtown-grand

31 KB
11 KB

337ms
0ms

Script
application/javascript

2600:9000:225e:b400:1:279d:1d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forge.gtsgapps.com/boot.js?hotel-downtown-grand
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Server: 2600:9000:225e:b400:1:279d:1d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63455673c8c5ab5d9c89fbe8fc7821fa50466f1e451744c05dbf8d3b89a2d679

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 04:39:42 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Mon, 15 Apr 2024 15:30:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 17893
x-amz-server-side-encryption: AES256
etag: W/"0940275c8d1b63d7c4a2091254fb358c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=21600
x-amz-cf-id: rUFKpiF9Ve2s02dKxEtqwfhrJApzAR-MhDI_HWSlAn4vLBcaM3hIDg==

Redirect headers

date: Fri, 19 Apr 2024 09:37:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N3FkGIgql1Y7FRZ9qX0tCy2NcO0FKwkcKVHmT9N5JvgBez7wCM74K86UmjK9kH722URBsAsrsPWcBFFYIIrWmEhm%2BMA09A7jyuXcIodwET%2BFWtMJhR37CCIQFhlf9H6mtTmR6ep2AMca6IygTEXHjqs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://forge.gtsgapps.com/boot.js?hotel-downtown-grand
cache-control: max-age=3600
cf-ray: 876beb2adbba5caa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Fri, 19 Apr 2024 10:37:54 GMT

GET
H2 200 Logo.svg
www.downtowngrand.com/assets/svg/ 5 KB
2 KB 233ms
219ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/Logo.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704519bb19f37f802ae6c1b1a9bff22b8c67cc797650cc8c33c353d23837b254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-126d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 876beb209eb265ac-FRA
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:52 GMT

GET
H2 200 date_range_picker.js Show response
frontend.tambo.site/includes/js/ 87 KB
26 KB 405ms
213ms Script
application/javascript 2606:4700::6810:c218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.tambo.site/includes/js/date_range_picker.js

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c5c3d76cb0beb426e085fa5de4bfd09dd1c73854668723b5b1d12fb1c75f67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server-name: aws_dev
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Nov 2019 16:38:56 GMT
server: cloudflare
etag: W/"5dcc31a0-15d28"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-ray: 876beb21bf6a5b74-FRA
expires: Sun, 19 May 2024 09:37:53 GMT

GET
H2 200 date_range_picker.css
frontend.tambo.site/includes/css/ 6 KB
2 KB 217ms
211ms Stylesheet
text/css 2606:4700::6810:c218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.tambo.site/includes/css/date_range_picker.css

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

052e58079bc72cbc064ece64e0df1af113fbb15d92fc3aa6c42596d0d5ffed9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server-name: aws_dev
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Nov 2019 16:38:56 GMT
server: cloudflare
etag: W/"5dcc31a0-19b1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-ray: 876beb221f9a5b74-FRA
expires: Sun, 19 May 2024 09:37:53 GMT

GET
H2 200 untitled-design-72-63fea79e0512c.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 94 KB
95 KB 149ms
23ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/untitled-design-72-63fea79e0512c.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c67a07118d1af64f10aaeec8657870df333c1b2e40199d02a0a5a376c9a031c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: HFKRFKJFV9RxiO4YpHL127sPYAk3DS0D
date: Fri, 19 Apr 2024 09:37:53 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 01:17:20 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 14716
x-amz-server-side-encryption: AES256
etag: "0038edc1ae92519e27204801d6a802da"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 96500
x-amz-cf-id: wE3bwUd0EcSwqWm1Bohf5tx9lnxALEXCgwQR63hVXZ-ot8ZYBAopLQ==

GET
H2 200 untitled-design-71-63fea71a475cd.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 53 KB
54 KB 130ms
16ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/untitled-design-71-63fea71a475cd.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acca2ce795ec76be5166a6f07ca71c7a760816fda9e87281fde99da7fdf13f30

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: .E1BA5LTTiO1K3j7_612kNA9ucYYwq5Y
date: Fri, 19 Apr 2024 09:37:53 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 01:15:08 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 14716
x-amz-server-side-encryption: AES256
etag: "35245b2e0d441e20e91cc6ce185edb10"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 54366
x-amz-cf-id: Gwuk_2wcHIDlVbg9LD-X8usNyPepdtHZvPN75nGfyzJA8wWh16JV3A==

GET
H2 200 reason-quad---freemont-632b5746ec8a8.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 183 KB
184 KB 15ms
12ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/reason-quad---freemont-632b5746ec8a8.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 454ac6445a518db55bd064f5923cdea9a99337e3d936745ca47b088a729aac6f

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: ba7nomKhvr.n1N.mQ59ukRg6E32Jj2Gb
date: Fri, 19 Apr 2024 09:37:53 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 11637
x-amz-server-side-encryption: AES256
etag: "53520e48dcddf95450169c161884a0f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 187592
x-amz-cf-id: JB_SuA3Skbt4sBQvoEZxzJDveM8EBP7qldtWx-J0NWePBqLbudqlKQ==

GET
H2 200 3rd-st_concert-2-63d1cba0492ad.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 4 MB
4 MB 13ms
13ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/3rd-st_concert-2-63d1cba0492ad.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6123bcba0dee5f039a3396930d04e017d752851fa3bbcde2c7f44e331cc33e96

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: LYL1cBMnuMitULP.l7t4.yartItSP7Mk
date: Thu, 18 Apr 2024 16:29:57 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:45:57 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 61677
x-amz-server-side-encryption: AES256
etag: "5c2daa31d62a98d91cb1e5e80c4569ce"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 3870798
x-amz-cf-id: NjjRw5hEcX7NlYvV-D6xzASeorc7-yI0Cu26PpdQZa49iHfI_EhZNQ==

GET
H2 200 untitled-design-70-63fea36b12688.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 52 KB
52 KB 27ms
23ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/untitled-design-70-63fea36b12688.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e00e800c8cd3187727b992b8d7eaa1853abdd42723fc11cd45bfd2022259a54a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: kvpFeM_p8kVMvYbUr5kmk.JXNlZXIBvB
date: Fri, 19 Apr 2024 09:37:54 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 00:59:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 28582
x-amz-server-side-encryption: AES256
etag: "69a0b4b690572c8e76bab7183b3493e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 52960
x-amz-cf-id: sVzF3hpRkkPDS0lD5ha6dTKiqxFjFXAh6kUywmHnddbUzDPJdt9Cng==

GET
H2 200 fandb-quad---t-george-632b23872ba3e.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 122 KB
122 KB 36ms
32ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---t-george-632b23872ba3e.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efb20a60bf8a76de2a1cff4fe7d564cfdc5ed46eb576a0aadfe7e2824a89d1fd

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 4m1zpn5XCH8Gfrxhki9M2eelZkp_nAvn
date: Fri, 19 Apr 2024 09:37:54 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 14717
x-amz-server-side-encryption: AES256
etag: "4a6a93562fc49c0e85d06e5e3e4b2520"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 124692
x-amz-cf-id: oV0gQ6nmSYzzGHyOx6kvXKSPxwGqLkZJxbovncKYCBpWWwqipguSpQ==

GET
H2 200 sidebar1-632b2b8ea486f.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 145 KB
145 KB 13ms
10ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/sidebar1-632b2b8ea486f.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44fc462799839c3cd6ef6a53f2d92b7c586edf219e4434d7b829f3d15f642af3

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Thu, 18 Apr 2024 11:18:04 GMT
x-amz-version-id: C.Z50wNqzfxtKHJrYrGuZ0dNKxzWNXC3
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 80391
etag: "fabc847b3fe33fc26d58ef7db6609665"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 148084
x-amz-cf-id: bdR8tXJce3ZvjMj_JeR-1SRXaiOvldEbJhIOau-dugo7aSQgDdkrCw==

GET
H2 200 fandb-quad---freedom-632b27f7a5846.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 141 KB
142 KB 28ms
25ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---freedom-632b27f7a5846.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 886915e7d408d04a6c7b4ec0ca3879ce8f206d7f99b5ff26b142f0085c64eee1

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: M8EuFe09j97wg38n.B_CC3b8_jmpyo6C
date: Fri, 19 Apr 2024 09:37:54 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 11638
x-amz-server-side-encryption: AES256
etag: "ab6faf91ab687f11b255c42ad6691b1e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 144528
x-amz-cf-id: Q73PQHAnnShDXlvsmOCmlGuKF9Umn7T1nEgjsutrREHdSA7eSVjrqQ==

GET
H2 200 fandb-quad---furnace-632b36df79230.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 137 KB
137 KB 15ms
12ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---furnace-632b36df79230.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bae30756ee6a739a884c7155c589b8fa38f9a71e16003ea94c6163ae6f37cce9

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 5vy1VE2k_AKq3T5anOiaKNwcymr9.9Lk
date: Thu, 18 Apr 2024 09:40:04 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 86271
x-amz-server-side-encryption: AES256
etag: "dcea66a958c9fb55bcf03edd3a55f1cf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 139848
x-amz-cf-id: FMt3lLzvGK59015wzHNhJKxwqICfSrQNCfWW7PvPJeObltv7cD_JkA==

GET
H2 200 fandb-quad---p-rock-632b4be660b1d.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 111 KB
111 KB 18ms
15ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---p-rock-632b4be660b1d.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6feb3bf4c8fa0f094566bc6405d6dd28b6bc89b977aa6c55a65b4b826d11f8df

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: TGBWb2yHazGvLg9MrOXZ_SdmKA.DtdkU
date: Thu, 18 Apr 2024 09:40:04 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 86271
x-amz-server-side-encryption: AES256
etag: "23704b1c94ec5453ce44bbd32611a2ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 113588
x-amz-cf-id: 3YAVsOpWgr4eNxrNXYkEgQRgsi4JjWvU9MAZS41VImqd23mmAZYImQ==

GET
H2 200 fandb-quad---hogs-and-hefs-632b4d89a06b3.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 174 KB
174 KB 19ms
17ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---hogs-and-hefs-632b4d89a06b3.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01872f15ee302647bffbca25f61745c27fda2463b3cf7e191a7d30d69d99a06

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: t21Gn8ze1J3stgxb_M1bo2d3vmUIzUYZ
date: Thu, 18 Apr 2024 09:40:04 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:05 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 86271
x-amz-server-side-encryption: AES256
etag: "8af52cc7ae51288de68a588c42e20558"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 177706
x-amz-cf-id: sHxZLTAieV0-ss0sy35_CYu4F_xMQaLXoHvD90afYyTJWlhyzdl7jw==

GET
H2 200 DowntownGrandHotel-Logo-Footer.svg
www.downtowngrand.com/assets/svg/ 5 KB
2 KB 134ms
131ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/DowntownGrandHotel-Logo-Footer.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa575bc77a75c441e90ed01f4e90d82bcc468f934ca79cd069904922f8ec7308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-12e2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 876beb29ba9365ac-FRA
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 Logo-IPrefer.png
www.downtowngrand.com/assets/images/ 7 KB
7 KB 254ms
251ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/Logo-IPrefer.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94be68ff19b51715111d9be8bb85d7d688fdc0e60f6b3d1db011d1ea86263207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-1bd7"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 876beb29ba9465ac-FRA
content-length: 7127
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 Green%20Seal%20Silver%20Logo.png
www.downtowngrand.com/assets/images/ 15 KB
15 KB 135ms
133ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/Green%20Seal%20Silver%20Logo.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eccb5640ed07154529342801fe9ed1dc42ee6831e30731ff9e175c5b10ba97b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-3a77"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 876beb29ba9565ac-FRA
content-length: 14967
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 revinate-form.js Show response
contact-api.inguest.com/bundles/revinatecontactapi/js/ 5 KB
2 KB 621ms
177ms Script
application/javascript 44.239.185.106
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://contact-api.inguest.com/bundles/revinatecontactapi/js/revinate-form.js?v=1

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.239.185.106 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-239-185-106.us-west-2.compute.amazonaws.com

Software

Resource Hash

27477cae35fa16324eb29e830c181ad33340f63cea5f3623d5428adc9198aa34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31449600, public
accept-ranges: bytes
content-length: 1480

GET
H2 200 symphony.js Show response
frontend.cdn.tambourine.com/assets/ 66 KB
66 KB 425ms
420ms Script
application/javascript 2600:9000:2670:5400:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/assets/symphony.js?D6CW2l
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5400:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b82ed265885aa8b5a09b397dd61710b8c97b1ec3263d64d10097d4fecbffdbf

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 14:30:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "da6859687b9929a52818e5b71113a40f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 67146
x-amz-cf-id: j095svhGenGmcV9zOUxio-fRfWseiJFUD1sTAw6KCvPY6epRnihHmA==

GET
H2 200 scripts.js Show response
www.downtowngrand.com/assets/ 172 KB
51 KB 134ms
134ms Script
application/javascript 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com/assets/scripts.js?D6CW2l

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b35add0e1ee39219484345bc3e4d8400acf5a87c1c9e54221625563d9b42f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 16 Jun 2023 16:17:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"648c8b36-2b1ea"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 876beb2919bb65ac-FRA
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H3 200 vue.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vue/2.6.14/ 92 KB
31 KB 162ms
56ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.14/vue.min.js

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1256411
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30949
last-modified: Tue, 08 Jun 2021 12:01:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60bf5c26-78e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xXLK6%2BjSj%2Fvj5t%2FgpRakW2Kcx7rvM0ay%2BMm7oVQUEezf3OgKAD01aiOS1pJU7KSJGhOcYC11YJVjzR33GF9wKxU0k6o9L0GlDGmv%2BYMDmsrBit1qKe24LZKyL82678SbCVDuCYkdq3iT4YQcu3EBnRc5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 876beb2a6bda5d40-FRA
expires: Wed, 09 Apr 2025 09:37:54 GMT

GET
H2 200 v-popups.min.js Show response
frontend.cdn.tambourine.com/includes/symphony-components/js/ 94 KB
94 KB 399ms
397ms Script
application/javascript 2600:9000:2670:5400:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=66223b707c67c
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:5400:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aad5d8be90de72352c550f911c9853d0e3aa12c71b66f5bf541d39fb50ed4674

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
via: 1.1 4f3281e2362f23bf5efc65311d3defb0.cloudfront.net (CloudFront)
last-modified: Mon, 15 Apr 2024 21:35:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "86781ca323f54f228b61efb86089f476"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 96151
x-amz-cf-id: 9gbCi2MLBInhFvsy8J0xOB98P4jGLauHgvKho4pa_WtViBKxj4q5ZA==

GET
H2 200 v55bfa2fee65d44688e90c00735ed189a1713218998793 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 316ms
41ms Script
text/javascript 2606:4700::6810:5049
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v55bfa2fee65d44688e90c00735ed189a1713218998793
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:5049 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Origin: https://www.downtowngrand.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
last-modified: Mon, 15 Apr 2024 22:09:58 GMT
server: cloudflare
etag: W/"2024.4.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 876beb2b5f4a39e0-FRA

GET
H2 200 css
fonts.googleapis.com/ 11 KB
806 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:200,300,regular,500,600|Jost:300,regular,500,200,600&display=swap

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f4fbef32a1e3da3ebb916f978e0edc0c33bdafc70227dee0f37bae7fa2badf44

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 09:37:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 19 Apr 2024 09:37:54 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 370 KB
108 KB 317ms
42ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

172d1f1a46a1676d6edfa11b94a9e136cf96f951eddade3edae681f5b901128c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 109979
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Apr 2024 09:37:54 GMT

GET
H3 200 siteanalyze_6119418.js Show response
siteimproveanalytics.com/js/ 16 KB
6 KB 222ms
117ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6119418.js
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e1407e686618c87e15948a2bdd7da7d5b557ae31eb3e8dd9582ce7d02433a2

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: M7HDPG9TJDJ1RQEC
alt-svc: h3=":443"; ma=86400
content-length: 5675
x-amz-id-2: KdVLbf8OWJHicI2MwSo7Fy5Byjx9zCcAqxp/BIN6JUIQO2Pder4h8vXHhFz/+reiVZKHIPZC5wI=
last-modified: Wed, 14 Feb 2024 16:06:30 GMT
server: cloudflare
etag: "cf0ab0d19a6a30c0055f3ee18febb4f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JDXJMLKwFCl3ZkFiurgKfU99GpjIdp6owIc9eRcCH3AnEhMVHGgg5CWZlv5nhylxG0XS8GzIcWjcqoB5wulm7PQ%2FRZu9036oqllLKmUIsPuVNTg7vX%2B1F3bKmfi8QlocdWNnxGWqgbj1O5qYG53ZhVKyy6reZeE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 876beb2a6ac34d6e-FRA

GET
DATA 200
OK truncated
/ 38 B
38 B Other
image/webp

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 204 B
204 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9be58b47b02992d6a87560e738e35b2b5a0ef1493462dbd3c95b30d275a4812

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: img/png

GET
H2 200 Booking-bg.jpg
www.downtowngrand.com/assets/images/ 97 KB
98 KB 215ms
214ms Image
image/jpeg 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/Booking-bg.jpg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c642713699195abd5da92f5f2407f3866a5b9abedef20ada8c07041625fcb790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-1848b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 876beb29caab65ac-FRA
content-length: 99467
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 Arrow-Icon.png
www.downtowngrand.com/assets/images/ 382 B
787 B 221ms
220ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/Arrow-Icon.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

783f375222f2fbbea6a7e707fae770d19daf9f377bfbe68480d77b95901f2067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-17e"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 876beb29fad965ac-FRA
content-length: 382
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 citrus12-3-632a0d25dceab.jpg
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 325 KB
326 KB 420ms
419ms Image
image/jpeg 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/citrus12-3-632a0d25dceab.jpg?q=2
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fd5868efc58d9b51655eb5f629ee84141c7c02bc31ae19aa597d66ff4f0af07

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: y6Zt7xytXqfzrNx1_w4eKYJlt75YshC.
date: Fri, 19 Apr 2024 09:37:55 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:54:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "ab4010f8cf3572d238dd9a4ab3024da1"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 333115
x-amz-cf-id: 06KlKT2b2pnbGO1r_QbcGgnvDG28dObaBm9SK0qvPPDWljgLUfzJjA==

GET
H2 200 furnace-bar-632a06e6440c8.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 687 KB
688 KB 21ms
20ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/furnace-bar-632a06e6440c8.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8f77949fc421e35a1f82edca013fab07e0d5e670e4ceeedee293168f5d68878

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 06:23:57 GMT
x-amz-version-id: rn8Ezy.ntq0MRd_uHeOuIfr3inVTPhBR
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 11638
etag: "bf321f9d77ae6612351a9ebc769be168"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 703272
x-amz-cf-id: KQpZBknSMvCcY1tcE4mrcyQtI5-9pnOsGCQjuWClkX3fYi-YXePadg==

GET
H2 200 slice_4-63122e1d5c194.png
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 2 MB
2 MB 24ms
24ms Image
image/png 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/slice_4-63122e1d5c194.png?q=7
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3a5c47d1cbb92f58db0c0e7e4b133acf2e4ad303b401b1891fd5d6f322d4e0b

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: 6Ad0OWn7ztaJZQLj.amDx0HIZvWqXept
date: Fri, 19 Apr 2024 09:37:54 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:55:39 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 11638
x-amz-server-side-encryption: AES256
etag: "934f993b2d962811018d17de629af9bd"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2181525
x-amz-cf-id: a0tSKZ-B-Gsw-LHbGGXthq0KxrZSYezqEsW77SU49GoCL1STxY6tgw==

GET
H2 200 triple-george-patio-632a0898d58e1.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 557 KB
558 KB 311ms
311ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/triple-george-patio-632a0898d58e1.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2b43bc0f42742eda128231f424887d48850c75c7528f564e924ef9ab14d417a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: EoMZCHlvDJ1iC7zYPXHLzZdzYnw48OYs
date: Fri, 19 Apr 2024 06:23:57 GMT
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 11638
x-amz-server-side-encryption: AES256
etag: "78837517614032fe4d886186892c0a46"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 570684
x-amz-cf-id: mNgnm1R77Wagnd05BlhMydk9KmQ0riOVe9uuOmMzqyiPBRDk7QFrvQ==

GET
H2 200 freedom-beat_room-1-632a0aed38ba5.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 395 KB
396 KB 22ms
22ms Image
image/webp 2600:9000:223c:f800:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/freedom-beat_room-1-632a0aed38ba5.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:f800:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcb2ca1e71af730d09bf7cff563554c703a4b91e8128a63e0baa6beb39d3ac39

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 06:23:57 GMT
x-amz-version-id: 0D3OcE_CBtn.FsRKYz4spTOCMjaQT2Al
via: 1.1 0baa339c02d06988c65d8623d1b3c6ec.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
age: 11638
etag: "c67a1fcbcf0b20282f16b29d451ad33c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 404258
x-amz-cf-id: wePENATRxWAqcD0_JqDvrGo02ioEjr9NM3YnNqhAgxtqZ6klWJqm6A==

GET
H2 200 bg-slider-home.png
www.downtowngrand.com/assets/images/ 44 KB
44 KB 217ms
217ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/bg-slider-home.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d01fa752d34b595b0c92033b9293ea8fd6b8ec885c74c49aa7ab3df1f404ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-af3c"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 876beb2a2b1165ac-FRA
content-length: 44860
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 dot_active_w.svg
www.downtowngrand.com/assets/svg/ 458 B
670 B 207ms
108ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/dot_active_w.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af3d891e8c7dae56c3822e4c10eef6afe17fac5b65383d3e06f34e85811c6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-1ca"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 876beb2b5cac65ac-FRA
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 dot_border_w.svg
www.downtowngrand.com/assets/svg/ 299 B
589 B 208ms
109ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/dot_border_w.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf3d11b295c3fb16faea75f092b8722141be082dc0d7689b6bc6d8f7b4cf054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-12b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 876beb2b5cad65ac-FRA
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 bg-white-sliderv2.png
www.downtowngrand.com/assets/images/ 153 KB
154 KB 128ms
119ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/bg-white-sliderv2.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a1c18e2bec0bc65946162f823325bc50ea31bee334636f44aa2687d9356b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-26529"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 876beb2b7cce65ac-FRA
content-length: 156969
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 dot_active_b.svg
www.downtowngrand.com/assets/svg/ 478 B
613 B 134ms
124ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/dot_active_b.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cec74c749d7ad020709a3fe9cf5578887303df50b17fefd2774e324567acd7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-1de"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 876beb2b7cd065ac-FRA
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 dot_border_b.svg
www.downtowngrand.com/assets/svg/ 299 B
648 B 290ms
290ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/dot_border_b.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc31c7d2528b2a0202c7c64bc976929288fc02caf7312171993ba8137cbfcf2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-12b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 876beb2c2d9765ac-FRA
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 footer-bg.png
www.downtowngrand.com/assets/images/ 10 KB
11 KB 175ms
174ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/footer-bg.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeac74d60f364513e94dcefa946273da1c8fe52f32141f5bff7f8b5773f0a20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-294b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 876beb2c4dca65ac-FRA
content-length: 10571
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v15/ 26 KB
26 KB 211ms
16ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:200,300,regular,500,600|Jost:300,regular,500,200,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.downtowngrand.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 19:01:29 GMT
x-content-type-options: nosniff
age: 311785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26620
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Apr 2025 19:01:29 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v32/ 28 KB
28 KB 202ms
7ms Font
font/woff2 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v32/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:200,300,regular,500,600|Jost:300,regular,500,200,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://fonts.googleapis.com/
Origin: https://www.downtowngrand.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 15 Apr 2024 23:45:48 GMT
x-content-type-options: nosniff
age: 294726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28600
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 15 Apr 2025 23:45:48 GMT

GET
H2 200 left-arrow-datepicker.svg
www.downtowngrand.com/assets/svg/ 180 B
574 B 264ms
260ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/left-arrow-datepicker.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00ddd77a7d38f8ee326c283ef0f70dcb54fccf875aa569b4d78fb5b7eeb1605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/assets/style.css?D6CW2l
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
content-encoding: gzip
etag: W/"63f8fafd-b4"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 876beb2bcd2165ac-FRA
x-xss-protection: 1; mode=block
expires: Sun, 19 May 2024 09:37:54 GMT

GET
H2 200 image.aspx
6119418.global.siteimproveanalytics.io/ 34 B
149 B 280ms
0ms Image
image/gif 3.122.209.4
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6119418.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.downtowngrand.com%2F&title=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&res=1600x1200&accountid=6119418&rt=2938&prev=8ac5c17a-14c3-a9cb-b9ee-f01148914087&luid=0176f98b-55fb-cecf-3992-c19b453c4ff9&rnd=88029
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.209.4 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-209-4.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Fri, 19 Apr 2024 09:37:54 GMT
cache-control: max-age=0
content-length: 34
expires: Fri, 19 Apr 2024 09:37:54 UTC

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 305 KB
99 KB 61ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8KQVZFDT29&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2bd01aa6a2209a533a6378e818903d08151afc7d087406cd9e1f6d9262d9175f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101676
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 19 Apr 2024 09:37:54 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 241ms
73ms Ping
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=1254772309.1713519475&url=https%3A%2F%2Fwww.downtowngrand.com%2F&dma_cps=-&dma=1&npa=1&gtm=45He44h0n71MQV3W4v71329332za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:54 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 208 KB
76 KB 72ms
59ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-954441679&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

010792f612096c59beb1b5866f78a7a990840859f36f96b703e5810cd10bcce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77463
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Apr 2024 09:37:54 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 220 KB
79 KB 71ms
58ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-10841270011&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0370b3407c7e16ba32ecfe50a6cfbb3c712f2458a57c6303d3058808a4d93e71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 80561
x-xss-protection: 0
last-modified: Fri, 19 Apr 2024 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 19 Apr 2024 09:37:54 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 297ms
32ms Script
application/javascript 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Fri, 19 Apr 2024 09:37:53 GMT
last-modified: Thu, 29 Feb 2024 19:58:06 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0A17EC02D4D6411087C2A759F144CF57 Ref B: VIEEDGE2219 Ref C: 2024-04-19T09:37:54Z
etag: "01b4e9c496bda1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13261

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 218ms
0ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Apr 2024 09:37:54 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57850
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=11, rtx=0, c=15, mss=1326, tbw=2796, tp=-1, tpl=-1, uplat=1, ullat=-1
pragma: public
x-fb-debug: wOWrVy1gASYx9hb23nWwfhkLasOzmuZvOvZMo6VCcogMZxkclLQpKIbOXT0t5a7CX+etyIGbZrKDuaSmndRkXg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 conversion.js Show response
www.googleadservices.com/pagead/ 53 KB
20 KB 182ms
110ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

d12f0a0e3b8089c25816887122f6ffe35ed43d45bf1fb2b4a99d287eb1866843

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19944
x-xss-protection: 0
server: cafe
etag: 879888307963673685
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 19 Apr 2024 09:37:54 GMT

GET
H2 200 loader.js Show response
www.thehotelsnetwork.com/js/ 22 KB
8 KB 268ms
45ms Script
application/javascript 3.161.82.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/js/loader.js?property_id=1036348&account_key=8F546912EEDF302F9D7760336B39C163

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.117 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-117.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

cc6d47a8fdfe4fc12db82ba2696e4af4742e23cdaab71b3b83fb05dd87a773ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:54 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 e161fd49d3d858d9f9d1d337fc91ce8e.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P10
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.downtowngrand.com
access-control-allow-credentials: true
x-amz-cf-id: nZG4UDZWl0ZuPBUHKTJeqUqDuoJI2vON_eFqy_enLkSMPwJDVlNrew==

GET
H2

200

boot.js Show response
forge.gtsgapps.com/
Redirect Chain

https://widgets.gtsgig.com/boot.js?hotel=downtown-grand
https://forge.gtsgapps.com/boot.js?hotel=downtown-grand

31 KB
11 KB

93ms
0ms

Script
application/javascript

2600:9000:225e:b400:1:279d:1d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forge.gtsgapps.com/boot.js?hotel=downtown-grand
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Server: 2600:9000:225e:b400:1:279d:1d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 63455673c8c5ab5d9c89fbe8fc7821fa50466f1e451744c05dbf8d3b89a2d679

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 04:39:42 GMT
content-encoding: gzip
via: 1.1 b1c64361268fcbad3c03abbe37eb5cfa.cloudfront.net (CloudFront)
last-modified: Mon, 15 Apr 2024 15:30:06 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 17893
x-amz-server-side-encryption: AES256
etag: W/"0940275c8d1b63d7c4a2091254fb358c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=21600
x-amz-cf-id: xKGzVFb15EV0wTGzgZK0za9itGYpCqsnH7gmiqQE_KlGihcwLh3NBg==

Redirect headers

date: Fri, 19 Apr 2024 09:37:54 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CqG7N2F40TBxw2Q2KLm6X9g5j1UfiQg83aLbpJFdQKt3%2FDclDzQZ1KzfgmLcN6pxW2bNvzUh9b4oMRS1RgJWNz4aOJ6DOQMaFdg5tW4mzG7rjjzR7VlKwK9uj60uJyl2ST%2FAsOX9znakYFPcbu07Ux4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
location: https://forge.gtsgapps.com/boot.js?hotel=downtown-grand
cache-control: max-age=3600
cf-ray: 876beb2c6d225caa-FRA
alt-svc: h3=":443"; ma=86400
content-length: 167
expires: Fri, 19 Apr 2024 10:37:54 GMT

GET
H2 200 a7872154-b040-42b1-a4f4-3b6f158c6d35 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 130ms
17ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/a7872154-b040-42b1-a4f4-3b6f158c6d35
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 2fbc531e621926042d494337839c3ec75dfd9ff7080e48314abc60585f09594c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F8ek4kOd8Jdfa9yNRn-C
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
149 B 143ms
44ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=v24nh94&ct=0:tow5j06&fmt=3&gtmcb=716887323
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 functions.php Show response
www.downtowngrand.com/ajax/ 2 KB
1 KB 207ms
146ms XHR
text/html 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com/ajax/functions.php?operation=_get_geolocation

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=66223b707c67c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4b2327ecf8d5cd1fcda169e8ed907f251cc2184cf740d05fc18d27a73c65db9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 876beb2e183765ac-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/993669966/ 43 B
61 B 80ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993669966/?random=1713519474856&cv=9&fst=1713519474856&num=1&label=3GPhCLrJkQcQzubo2QM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247838&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=5&u_nmime=2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.downtowngrand.com%2F&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&hn=www.googleadservices.com&uaa=x86&uab=64&uam=&uap=Win32&uapv=10.0.0&uaw=0&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:54 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 139001245.js Show response
bat.bing.com/p/action/ 0
116 B 56ms
56ms Script
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/139001245.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Fri, 19 Apr 2024 09:37:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6A28F9F7609E4F78A50C5DA617D51725 Ref B: VIEEDGE2219 Ref C: 2024-04-19T09:37:54Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
285 B 109ms
108ms Image
text/plain 2a01:111:202c::237
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=139001245&tm=gtm002&Ver=2&mid=0f7546a9-3364-4094-a4a6-344622feb639&sid=7fb104f0fe3011ee890a1bd93a11934f&vid=7fb1d7a0fe3011ee96de75a62142313c&vids=1&msclkid=N&gtm_tag_source=1&pi=918639831&lg=de-DE&sw=1600&sh=1200&sc=24&tl=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&p=https%3A%2F%2Fwww.downtowngrand.com%2F&r=&lt=2879&evt=pageLoad&sv=1&rn=292748

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:111:202c::237 , United Kingdom, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Fri, 19 Apr 2024 09:37:53 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0294C4780A1740F98600A47A14D0F991 Ref B: VIEEDGE2219 Ref C: 2024-04-19T09:37:54Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1529129437112093 Show response
connect.facebook.net/signals/config/ 56 KB
12 KB 103ms
100ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1529129437112093?v=2.9.154&r=stable&domain=www.downtowngrand.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2aa4cf06a6a0a5d55f172eae3b8da03a6c6a94be6d8385799f52a0800664cd38

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=53, mss=1326, tbw=63244, tp=-1, tpl=-1, uplat=91, ullat=1
pragma: public
x-fb-debug: HyHplFARSWbPIe83saNiTeKDKaN4x6kTPgS+Z+BOPAjBKxw25r0HLJmJcsrPsmsOejdwS3WdsXm3qq3i7hQ/Hw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
250 B 287ms
22ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-8KQVZFDT29&gtm=45je44h0v894066190z871329332za200&_p=1713519474190&em=tv.1~em.8Rsc3BbGl8cAusOmQy9fdGjfYpqV237eusj18MKmf84&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=1155589647.1713519475&ecid=1518180820&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.60%7CGoogle%2520Chrome%3B124.0.6367.60%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&pscdl=denied&ec_mode=a&_eu=EA&_s=1&sid=1713519475&sct=1&seg=0&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&dt=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3466
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8KQVZFDT29&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.downtowngrand.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eyJwYWdlIjoiZG93bnRvd24tZ3JhbmQtaG90ZWwtYW5kLWNhc2lubyIsImlkX3BhZ2UiOjY0ODIyLCJzdWJwYWdlIjpudWxsLCJsb2NhdGlvbiI6ImhvbWUtdjIiLCJnZW8iOm51bGwsImNvdW50cnkiOiJERSIsInN0YXRlIjoiSEUiLCJodHRwUmVmZXJlciI6IiJ9 Show response
api.tambourine.com/api/v1/symphony/popups/1649/getPopupBySiteId/en/false/ 351 B
515 B 323ms
246ms XHR
application/json 2606:4700::6812:a453
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tambourine.com/api/v1/symphony/popups/1649/getPopupBySiteId/en/false/eyJwYWdlIjoiZG93bnRvd24tZ3JhbmQtaG90ZWwtYW5kLWNhc2lubyIsImlkX3BhZ2UiOjY0ODIyLCJzdWJwYWdlIjpudWxsLCJsb2NhdGlvbiI6ImhvbWUtdjIiLCJnZW8iOm51bGwsImNvdW50cnkiOiJERSIsInN0YXRlIjoiSEUiLCJodHRwUmVmZXJlciI6IiJ9

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=66223b707c67c

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a453 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bf6a5d8d6fb3ae1dfa5759d084107732357105897770d55e3cd8d1ad6252eab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept: application/json, text/plain, */*
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
cf-ray: 876beb2fad019136-FRA
x-xss-protection: 1; mode=block
expires: -1

GET
H3 200 463589177315868 Show response
connect.facebook.net/signals/config/ 29 KB
5 KB 84ms
78ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/463589177315868?v=2.9.154&r=stable&domain=www.downtowngrand.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

549f23dc62988b8821c5bce5296cecd57a0cd793d9653a9b44224b43f33a3aad

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=38, mss=1232, tbw=4321, tp=9, tpl=0, uplat=68, ullat=0
pragma: public
x-fb-debug: iwtWOFZNQKy64Dd14JcBa468gOarmFw0gLklRCUDljWOE0pWz7FFreZY7abIY2NNailk4XsF2j+5yoMME3HgRQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 44ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529129437112093&ev=PageView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475119&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1326, tbw=2787, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 429919557162126 Show response
connect.facebook.net/signals/config/ 22 KB
3 KB 83ms
79ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/429919557162126?v=2.9.154&r=stable&domain=www.downtowngrand.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114%2C124%2C117

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4435570da4776b28d5b4efa7ecbdc8129d34eca6a667ea20d01ab03a88af65a8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=44, mss=1232, tbw=11537, tp=16, tpl=0, uplat=66, ullat=0
pragma: public
x-fb-debug: WNJaYKPFalOy7xd+RwPfq90+qzTNlogXdVCQ1U+pKUcqvP+FTPslBLcmfEuaAB/LdLSrZlW45MIfABmtEXQQlQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
102 B 12ms
6ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=PageView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475224&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&cs_est=true&it=1713519474994&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=14, mss=1326, tbw=3139, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 1139938923218787 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 88ms
86ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1139938923218787?v=2.9.154&r=stable&domain=www.downtowngrand.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114%2C124%2C117%2C137

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d09ffa1de76810c288d62d83f67aaf3b1c6ae8f228956494d90ada5754839ae5

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=46, mss=1232, tbw=14785, tp=21, tpl=0, uplat=79, ullat=0
pragma: public
x-fb-debug: 2zb8NaNpm0kdoLycWkhvX72D/CILmC3CBBAtv90mx74E85b1zNh4kRUyIVoqQA/Rs6BQJ6XIBLtyOZHnIzF6Bg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
19 B 10ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=PageView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475335&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4762, tp=14, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 12ms
11ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529129437112093&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475336&cd[content_name]=Downtown%20Grand&cd[content_category]=Partner&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=5034, tp=15, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 13ms
11ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475337&cd[content_name]=Downtown%20Grand&cd[content_category]=Partner&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=5178, tp=16, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 13ms
12ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475338&cd[content_name]=Downtown%20Grand&cd[content_category]=Partner&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=5322, tp=17, tpl=0, uplat=1, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 11ms
10ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1139938923218787&ev=PageView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475442&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5825, tp=26, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 12ms
11ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529129437112093&ev=F%26BLPView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475444&sw=1600&sh=1200&v=2.9.154&r=stable&ec=2&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=5969, tp=27, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 12ms
12ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=F%26BLPView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475444&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=6113, tp=28, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 13ms
12ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=F%26BLPView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475448&sw=1600&sh=1200&v=2.9.154&r=stable&ec=2&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=6257, tp=29, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 13ms
12ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1139938923218787&ev=F%26BLPView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475449&sw=1600&sh=1200&v=2.9.154&r=stable&ec=1&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=24, mss=1232, tbw=6401, tp=30, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 functions.php Show response
www.downtowngrand.com//ajax/ 70 B
512 B 185ms
184ms Fetch
text/html 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com//ajax/functions.php?operation=_get_form_token

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/assets/symphony.js?D6CW2l

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

057742b6792392b78b2cd0a71ca11e76a715a790b6b7250ba2a181be4b3418d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 876beb31acb965ac-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 798 B
763 B 26ms
17ms Script
application/javascript 35.234.162.151
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=435919&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/a7872154-b040-42b1-a4f4-3b6f158c6d35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.234.162.151 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 151.162.234.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 9ed7aa41da8285d098f5ea911927385e8f7f78cc4d0c17aaff6bd295ffe0821e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 14ms
13ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529129437112093&ev=Search&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475473&cd[Content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.154&r=stable&ec=3&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=25, mss=1232, tbw=6881, tp=38, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 15ms
13ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=Search&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475474&cd[Content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmgoogletagmanager&ec=3&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=25, mss=1232, tbw=7121, tp=41, tpl=0, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 16ms
15ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=Search&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475475&cd[Content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.154&r=stable&ec=3&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=25, mss=1232, tbw=7233, tp=42, tpl=0, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 17ms
16ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1139938923218787&ev=Search&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475476&cd[Content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.154&r=stable&ec=2&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=25, mss=1232, tbw=7377, tp=43, tpl=0, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 18ms
17ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529129437112093&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475478&cd[content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.154&r=stable&ec=4&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=25, mss=1232, tbw=7521, tp=44, tpl=0, uplat=2, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 18ms
18ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475480&cd[content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.154&r=stable&a=tmgoogletagmanager&ec=4&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=25, mss=1232, tbw=7665, tp=45, tpl=0, uplat=2, ullat=1
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 19ms
19ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475480&cd[content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.154&r=stable&ec=4&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=25, mss=1232, tbw=7809, tp=46, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
16 B 20ms
20ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1139938923218787&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1713519475481&cd[content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.154&r=stable&ec=3&o=4126&fbp=fb.1.1713519475114.2088460485&ler=empty&cdl=API_unavailable&it=1713519474994&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=25, mss=1232, tbw=7953, tp=47, tpl=0, uplat=1, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 19 Apr 2024 09:37:55 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK DowntownGrandHotel&Casino-favicon.ico
2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com/downtown-grand-hotel-casino/files/ 15 KB
15 KB 140ms
56ms Other
image/vnd.microsoft.icon 23.73.140.164
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com/downtown-grand-hotel-casino/files/DowntownGrandHotel&Casino-favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.73.140.164 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-73-140-164.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: bc23611f3eaee7c60e816d8febdfe81ea09f7c58d33e1cc9cff2fd9e4ac487ab

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 19 Apr 2024 09:37:55 GMT
Last-Modified: Tue, 08 Feb 2022 20:07:50 GMT
ETag: 02f9bdbbdc1c145d928fd27e8685e95f
Content-Type: image/vnd.microsoft.icon
X-Timestamp: 1644350869.34700
Cache-Control: public, max-age=224230
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txb8010dae37d149ea89ca2-0065f3868fdfw1
Content-Length: 15406
Expires: Sun, 21 Apr 2024 23:55:05 GMT

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=CC035AD393AD4645BAB1BB3DDD39DA3C

0
236 B

66ms
23ms

Image
text/plain

2600:9000:211e:2c00:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=CC035AD393AD4645BAB1BB3DDD39DA3C
Protocol: H2
Server: 2600:9000:211e:2c00:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
cache-control: no-cache, must-revalidate
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be624.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: S81Kv3AxY3ree6Q4hnjTEl1Wt8fZa1v34b534nuRW_lJTAksBZ9rTA==
x-cache: Miss from cloudfront

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=CC035AD393AD4645BAB1BB3DDD39DA3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2

200

RX-f743e874-9f27-4bad-8808-5fceaed2df9e-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/CC035AD393AD4645BAB1BB3DDD39DA3C
https://sync.1rx.io/usersync/simplifi/CC035AD393AD4645BAB1BB3DDD39DA3C?zcc=1&cb=1713519475690
https://sync.targeting.unrulymedia.com/csync/RX-f743e874-9f27-4bad-8808-5fceaed2df9e-003

43 B
378 B

63ms
14ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-f743e874-9f27-4bad-8808-5fceaed2df9e-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-f743e874-9f27-4bad-8808-5fceaed2df9e-003
pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=CC035AD393AD4645BAB1BB3DDD39DA3C&dongle=yf3

37 B
140 B

53ms
8ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=CC035AD393AD4645BAB1BB3DDD39DA3C&dongle=yf3
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=CC035AD393AD4645BAB1BB3DDD39DA3C&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=CC035AD393AD4645BAB1BB3DDD39DA3C

43 B
175 B

393ms
122ms

Image
image/gif

2600:1f18:612b:4200:3416:c384:676d:d461
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=CC035AD393AD4645BAB1BB3DDD39DA3C
Protocol: H2
Server: 2600:1f18:612b:4200:3416:c384:676d:d461 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Fri, 19 Apr 2024 09:37:55 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=CC035AD393AD4645BAB1BB3DDD39DA3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CC035AD393AD4645BAB1BB3DDD39DA3C
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CC035AD393AD4645BAB1BB3DDD39DA3C

95 B
429 B

25ms
23ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CC035AD393AD4645BAB1BB3DDD39DA3C

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CC035AD393AD4645BAB1BB3DDD39DA3C
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=CC035AD393AD4645BAB1BB3DDD39DA3C
https://d.agkn.com/pixel/10751/?che=1713519475681&ip=138.199.38.133&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D216623104857001188939
https://um.simpli.fi/aa_px?sk=216623104857001188939
https://um.simpli.fi/empty.gif

43 B
361 B

16ms
15ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CC035AD393AD4645BAB1BB3DDD39DA3C

0
0

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
410 B 37ms
20ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
410 B 38ms
22ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2

451

400646.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=CC035AD393AD4645BAB1BB3DDD39DA3C;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=CC035AD393AD4645BAB1BB3DDD39DA3C;mimetype=img;sr
https://idsync.rlcdn.com/400646.gif?partner_uid=4887534150442960766

0
42 B

18ms
17ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/400646.gif?partner_uid=4887534150442960766
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
location: https://idsync.rlcdn.com/400646.gif?partner_uid=4887534150442960766
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
expires: Mon, 1 Jan 1990 0:0:0 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=CC035AD393AD4645BAB1BB3DDD39DA3C&j=0

0
324 B

394ms
147ms

Image
text/plain

54.78.254.47
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=CC035AD393AD4645BAB1BB3DDD39DA3C&j=0
Protocol: H2
Server: 54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 09:37:56 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=CC035AD393AD4645BAB1BB3DDD39DA3C&j=0
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2 200 yahoo
um.simpli.fi/ 43 B
410 B 40ms
23ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=CC035AD393AD4645BAB1BB3DDD39DA3C

0
421 B

382ms
90ms

Image
text/plain

52.44.174.41
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=CC035AD393AD4645BAB1BB3DDD39DA3C
Protocol: HTTP/1.1
Server: 52.44.174.41 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-174-41.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 19 Apr 2024 09:37:55 GMT

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=CC035AD393AD4645BAB1BB3DDD39DA3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=CC035AD393AD4645BAB1BB3DDD39DA3C

62 B
479 B

246ms
167ms

Image
image/gif

72.246.169.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=CC035AD393AD4645BAB1BB3DDD39DA3C
Protocol: H2
Server: 72.246.169.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a72-246-169-24.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Fri, 19 Apr 2024 09:37:55 GMT
content-length: 62
x-request-id: e3c1af79d990eddd861961e3b1ad3743
content-type: image/gif

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=CC035AD393AD4645BAB1BB3DDD39DA3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2

404

tpid=CC035AD393AD4645BAB1BB3DDD39DA3C
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CC035AD393AD4645BAB1BB3DDD39DA3C

49 B
266 B

113ms
33ms

Image
image/gif

52.211.13.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CC035AD393AD4645BAB1BB3DDD39DA3C
Protocol: H2
Server: 52.211.13.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-13-38.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.22.159
content-length: 49
expires: 0

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CC035AD393AD4645BAB1BB3DDD39DA3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2

204

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=CC035AD393AD4645BAB1BB3DDD39DA3C

0
205 B

115ms
36ms

Image
text/plain

52.213.144.60
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=CC035AD393AD4645BAB1BB3DDD39DA3C
Protocol: H2
Server: 52.213.144.60 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-144-60.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

expires: Fri, 20 Mar 2009 00:00:00 GMT
pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
x-merge: GDPR Optout true
cache-control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
p3p: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=CC035AD393AD4645BAB1BB3DDD39DA3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=CC035AD393AD4645BAB1BB3DDD39DA3C

0
98 B

68ms
19ms

Image
text/plain

35.244.174.68
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=CC035AD393AD4645BAB1BB3DDD39DA3C
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

date: Fri, 19 Apr 2024 09:37:55 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=CC035AD393AD4645BAB1BB3DDD39DA3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1713519475485&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1790170722&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1790170722&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1790170722&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5w...

42 B
64 B

41ms
24ms

Image
image/gif

2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1790170722&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI4bedvf3NhQMVMaaDBx3XpwmiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vd3d3LmRvd250b3duZ3JhbmQuY29tLw&is_vtc=1&cid=CAQSKQB7FLtqJbm64ftcT5x3O9FbWHJaVwhcQ592p3PDLcZuc-nVXtnUMPl5&random=2050319361&ipr=y

Protocol

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1790170722&cv=7&fst=1713519475485&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=CLHBsQIIsMGxAgi5wbECCJjBsQI&pscrd=IhMI4bedvf3NhQMVMaaDBx3XpwmiMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6Hmh0dHBzOi8vd3d3LmRvd250b3duZ3JhbmQuY29tLw&is_vtc=1&cid=CAQSKQB7FLtqJbm64ftcT5x3O9FbWHJaVwhcQ592p3PDLcZuc-nVXtnUMPl5&random=2050319361&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 42ms
26ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=CC035AD393AD4645BAB1BB3DDD39DA3C
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCC035AD393AD4645BAB1BB3DDD39DA3C

43 B
1 KB

19ms
19ms

Image
image/gif

37.252.171.85
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCC035AD393AD4645BAB1BB3DDD39DA3C

Protocol

Server

37.252.171.85 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
an-x-request-uuid: 17f0d1cb-ae39-42ab-a85c-00226737d76f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 138.199.38.133; 138.199.38.133; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
an-x-request-uuid: cc0640a6-8a55-442e-b736-a9673876c472
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCC035AD393AD4645BAB1BB3DDD39DA3C
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.133; 138.199.38.133; 1006.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CC035AD393AD4645BAB1BB3DDD39DA3C&expires=365

0
239 B

75ms
14ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CC035AD393AD4645BAB1BB3DDD39DA3C&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: c1913d0f161dfd12bb229b87994a2d1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CC035AD393AD4645BAB1BB3DDD39DA3C&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=CC035AD393AD4645BAB1BB3DDD39DA3C

43 B
264 B

67ms
22ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=CC035AD393AD4645BAB1BB3DDD39DA3C
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 19 Apr 2024 09:37:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=CC035AD393AD4645BAB1BB3DDD39DA3C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 18 Apr 2024 09:37:55 GMT

GET
H2 200 pixel
cm.g.doubleclick.net/ 170 B
409 B 100ms
27ms Image
image/png 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://www.downtowngrand.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 19 Apr 2024 09:37:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.intentiq.com
URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CC035AD393AD4645BAB1BB3DDD39DA3C

Verdicts & Comments Add Verdict or Comment

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
downtowngrand.com/	1970-01-20 20:08:44	Name: AWSALB Value: BZJZtavzKbH6Y9tzsaO1iJ4Fpaxt7U18Fp73VSnfbwTJ8TOvEsxmk6POryL39IaN2aBABE671B28HIEtmNnDl/ujoLSlyKZvFJpORTSJ1Hm9IoO7Th4Tsuk8NO4/
www.downtowngrand.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cshdpvcu58qjai7otpmkii55qh
www.downtowngrand.com/	1970-01-20 20:41:51	Name: ACCEPT_WEBP Value: true
.downtowngrand.com/	1970-01-21 05:34:39	Name: nmstat Value: 8ac5c17a-14c3-a9cb-b9ee-f01148914087
.downtowngrand.com/	1970-01-20 20:00:05	Name: _uetsid Value: 7fb104f0fe3011ee890a1bd93a11934f
.downtowngrand.com/	1970-01-21 05:20:15	Name: _uetvid Value: 7fb1d7a0fe3011ee96de75a62142313c
.simpli.fi/	1970-01-21 04:45:41	Name: suid Value: CC035AD393AD4645BAB1BB3DDD39DA3C
.bing.com/	1970-01-21 05:20:15	Name: MUID Value: 2441B6CF0F9363B30ABDA2A90EA462CC
.downtowngrand.com/	1970-01-20 22:08:15	Name: _fbp Value: fb.1.1713519475114.2088460485
.simpli.fi/	1970-01-20 20:08:44	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-21 05:20:15	Name: IDE Value: AHWqTUk8GTI3nyFW5QQuXchm7EIbfcwrCgiAKvkIqySVR5r1w5JEu7HAWLR2pKM2
www.downtowngrand.com/	1970-01-20 20:08:44	Name: AWSALB Value: 88ZeDUz6czzvGip9u27jfYEBLYBcNhiWX8nCxXQoheyLfWSFjCIRkTVqdbt834Yc3y0G62v7XT5G0X6iOvN7ZBztAEOkzq5wrq1JWbnZRMblDdUGvIojNEZu6avP
.agkn.com/	1970-01-21 04:44:15	Name: ab Value: 0001%3ALF1HRF2bdm7WZ%2FsFJVwm4ZfJBrSuwKcr
.tapad.com/	1970-01-20 21:25:03	Name: TapAd_TS Value: 1713519475685
.tapad.com/	1970-01-20 21:25:03	Name: TapAd_DID Value: ee17b092-0b9c-45d1-97a9-979bcca0ffe7
.1rx.io/	1970-01-21 04:44:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f743e874-9f27-4bad-8808-5fceaed2df9e-003%22%7D
.adnxs.com/	1970-01-20 22:08:15	Name: XANDR_PANID Value: OOddNlaPmvm9E95OJM5aA83WHPVuexJTbIISH-DJRw9XfR9w-3kbNIWDyarVErOZzhN6xrVeU4BDk5I5y-OFWKnBS6VcxeRf0WNsWdQRMOY.
.adnxs.com/	1970-01-21 05:34:39	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 22:08:15	Name: uuid2 Value: 6203853835123469305
.tapad.com/	1970-01-20 21:25:03	Name: TapAd_3WAY_SYNCS Value:
.adnxs.com/	1970-01-20 22:08:15	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2In>rHQP[!]tbPl1N!7On*M$=BX@:cyD2feVwZpiHf(Ne:5tZfoE2Sk^s#FoTopB2JeMBf%vwsP(hw9P-HC_#tx0Z)xiqC
.pro-market.net/	1970-01-21 00:17:51	Name: anProfile Value: "114sm9bylk5tq+1+1f=1+1g=1+1j=41+rs=s+rt=2A026EA0C71B0000101286EA7CBD2F7A+s2=(sc6o37)+vm=24-CC035AD393AD4645BAB1BB3DDD39DA3C"
.pro-market.net/	1970-01-20 20:41:51	Name: anHistory Value: "114sm9bylk5tq+2+!#7%/#7#7)Z"
.agkn.com/	1970-01-21 04:44:15	Name: u Value: C\|0AAAAAAAALbT38wAAAAAA
.targeting.unrulymedia.com/	1970-01-21 04:44:15	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-f743e874-9f27-4bad-8808-5fceaed2df9e-003%22%7D
.bluekai.com/	1970-01-21 00:22:10	Name: bku Value: blx99c1f/ZqikbLL
.bluekai.com/	1970-01-21 00:22:10	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwDBe1e1NxDxpmEBOHextBePYxD/hxA/pHWHW1pkWxEBe9y9gsQF4
.bfmio.com/	1970-01-21 04:44:15	Name: __141_cid Value: CC035AD393AD4645BAB1BB3DDD39DA3C
.bfmio.com/	1970-01-21 04:44:15	Name: __io_cid Value: 9cace864f4666e21b92876c6f83e7a1485fd6c56

87 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 26) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://connect.facebook.net/signals/config/1529129437112093?v=2.9.154&r=stable&domain=www.downtowngrand.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=CC035AD393AD4645BAB1BB3DDD39DA3C Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CC035AD393AD4645BAB1BB3DDD39DA3C Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
network	error	URL: https://idsync.rlcdn.com/400646.gif?partner_uid=4887534150442960766 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.downtowngrand.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
javascript	warning	URL: https://www.downtowngrand.com/ Message: The resource https://fonts.googleapis.com/css?family=Josefin+Sans:200,300,regular,500,600\|Jost:300,regular,500,200,600 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com
6119418.global.siteimproveanalytics.io
aa.agkn.com
api.tambourine.com
app.termly.io
bat.bing.com
bcp.crwdcntrl.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
contact-api.inguest.com
d.agkn.com
downtowngrand.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
forge.gtsgapps.com
frontend.cdn.tambourine.com
frontend.tambo.site
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
loadm.exelator.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pixel.tapad.com
region1.google-analytics.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
siteimproveanalytics.com
stags.bluekai.com
static.cloudflareinsights.com
symphony.cdn.tambourine.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
widgets.gtsgig.com
www.downtowngrand.com
www.facebook.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.thehotelsnetwork.com
sync.intentiq.com
104.18.160.83
142.250.181.226
142.250.185.98
18.194.168.76
2001:4860:4802:32::36
23.73.140.164
2600:1901:0:8eee::
2600:1f18:612b:4200:3416:c384:676d:d461
2600:9000:211e:2c00:1b:5138:8a40:93a1
2600:9000:223c:f800:5:8193:8e40:93a1
2600:9000:225e:b400:1:279d:1d40:93a1
2600:9000:2670:5400:b:4a4a:a7c0:93a1
2606:4700::6810:5049
2606:4700::6810:c218
2606:4700::6811:180e
2606:4700::6812:1fea
2606:4700::6812:a453
2a00:1450:4001:810::2004
2a00:1450:4001:811::2002
2a00:1450:4001:812::200a
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a01:111:202c::237
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3120::3
2a06:98c1:3121::3
3.122.209.4
3.127.182.109
3.161.82.117
3.33.220.150
34.111.113.62
34.91.62.186
35.234.162.151
35.244.159.8
35.244.174.68
37.252.171.85
44.239.185.106
46.228.174.117
52.211.13.38
52.213.144.60
52.44.174.41
54.78.254.47
69.173.144.165
72.246.169.24
76.223.111.18
00d01fa752d34b595b0c92033b9293ea8fd6b8ec885c74c49aa7ab3df1f404ea
010792f612096c59beb1b5866f78a7a990840859f36f96b703e5810cd10bcce4
0370b3407c7e16ba32ecfe50a6cfbb3c712f2458a57c6303d3058808a4d93e71
052e58079bc72cbc064ece64e0df1af113fbb15d92fc3aa6c42596d0d5ffed9d
057742b6792392b78b2cd0a71ca11e76a715a790b6b7250ba2a181be4b3418d3
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b82ed265885aa8b5a09b397dd61710b8c97b1ec3263d64d10097d4fecbffdbf
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0fd5868efc58d9b51655eb5f629ee84141c7c02bc31ae19aa597d66ff4f0af07
13f44f67e029e2e9d0c55cafb39b8825edec88f065b687bb386fe7a42647b54a
17106bf803d42bcf2f2bdf778ece084d3f91c68e7ea41dae7bff61fefa573dee
172d1f1a46a1676d6edfa11b94a9e136cf96f951eddade3edae681f5b901128c
1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
27477cae35fa16324eb29e830c181ad33340f63cea5f3623d5428adc9198aa34
2aa4cf06a6a0a5d55f172eae3b8da03a6c6a94be6d8385799f52a0800664cd38
2bd01aa6a2209a533a6378e818903d08151afc7d087406cd9e1f6d9262d9175f
2c67a07118d1af64f10aaeec8657870df333c1b2e40199d02a0a5a376c9a031c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fbc531e621926042d494337839c3ec75dfd9ff7080e48314abc60585f09594c
3af3d891e8c7dae56c3822e4c10eef6afe17fac5b65383d3e06f34e85811c6a9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4435570da4776b28d5b4efa7ecbdc8129d34eca6a667ea20d01ab03a88af65a8
44fc462799839c3cd6ef6a53f2d92b7c586edf219e4434d7b829f3d15f642af3
454ac6445a518db55bd064f5923cdea9a99337e3d936745ca47b088a729aac6f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bf6a5d8d6fb3ae1dfa5759d084107732357105897770d55e3cd8d1ad6252eab
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f46b4cf8e5cc9add5eeafc7cb0a4607940cdb8f18dda48107f4e2a199bf89a2
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
53e1407e686618c87e15948a2bdd7da7d5b557ae31eb3e8dd9582ce7d02433a2
549f23dc62988b8821c5bce5296cecd57a0cd793d9653a9b44224b43f33a3aad
5c5c3d76cb0beb426e085fa5de4bfd09dd1c73854668723b5b1d12fb1c75f67a
6123bcba0dee5f039a3396930d04e017d752851fa3bbcde2c7f44e331cc33e96
63455673c8c5ab5d9c89fbe8fc7821fa50466f1e451744c05dbf8d3b89a2d679
6feb3bf4c8fa0f094566bc6405d6dd28b6bc89b977aa6c55a65b4b826d11f8df
704519bb19f37f802ae6c1b1a9bff22b8c67cc797650cc8c33c353d23837b254
77d5fe96defd6c8c1e3b0466b4827cf83dc7e5c727a10177e115d25132fa86f6
783f375222f2fbbea6a7e707fae770d19daf9f377bfbe68480d77b95901f2067
823804a7807864b44093a3843788f4cd076e89cf4a6fdeb8d153ae5c2c2df721
85f407912384186334577f65bf6bb88045bd96f5222d7c696cc71303d65c826a
886915e7d408d04a6c7b4ec0ca3879ce8f206d7f99b5ff26b142f0085c64eee1
8a2ffc94f24d970dd7b784e8dfdce99ff3a078c48307242642ce956a8379b8ed
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
94be68ff19b51715111d9be8bb85d7d688fdc0e60f6b3d1db011d1ea86263207
9ed7aa41da8285d098f5ea911927385e8f7f78cc4d0c17aaff6bd295ffe0821e
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a9be58b47b02992d6a87560e738e35b2b5a0ef1493462dbd3c95b30d275a4812
aad5d8be90de72352c550f911c9853d0e3aa12c71b66f5bf541d39fb50ed4674
acca2ce795ec76be5166a6f07ca71c7a760816fda9e87281fde99da7fdf13f30
b35add0e1ee39219484345bc3e4d8400acf5a87c1c9e54221625563d9b42f4e0
b3a5c47d1cbb92f58db0c0e7e4b133acf2e4ad303b401b1891fd5d6f322d4e0b
b4f281e18e4dd27c51241ba9d3fb3addc7344c8d82c3f09a2ad125ac6e7b3c34
b8f77949fc421e35a1f82edca013fab07e0d5e670e4ceeedee293168f5d68878
bae30756ee6a739a884c7155c589b8fa38f9a71e16003ea94c6163ae6f37cce9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc23611f3eaee7c60e816d8febdfe81ea09f7c58d33e1cc9cff2fd9e4ac487ab
bcb2ca1e71af730d09bf7cff563554c703a4b91e8128a63e0baa6beb39d3ac39
c642713699195abd5da92f5f2407f3866a5b9abedef20ada8c07041625fcb790
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
cc6d47a8fdfe4fc12db82ba2696e4af4742e23cdaab71b3b83fb05dd87a773ee
cec74c749d7ad020709a3fe9cf5578887303df50b17fefd2774e324567acd7a1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00ddd77a7d38f8ee326c283ef0f70dcb54fccf875aa569b4d78fb5b7eeb1605
d01872f15ee302647bffbca25f61745c27fda2463b3cf7e191a7d30d69d99a06
d09ffa1de76810c288d62d83f67aaf3b1c6ae8f228956494d90ada5754839ae5
d12f0a0e3b8089c25816887122f6ffe35ed43d45bf1fb2b4a99d287eb1866843
d2b43bc0f42742eda128231f424887d48850c75c7528f564e924ef9ab14d417a
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e00e800c8cd3187727b992b8d7eaa1853abdd42723fc11cd45bfd2022259a54a
e3a1c18e2bec0bc65946162f823325bc50ea31bee334636f44aa2687d9356b50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eccb5640ed07154529342801fe9ed1dc42ee6831e30731ff9e175c5b10ba97b6
eeac74d60f364513e94dcefa946273da1c8fe52f32141f5bff7f8b5773f0a20e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb20a60bf8a76de2a1cff4fe7d564cfdc5ed46eb576a0aadfe7e2824a89d1fd
f4b2327ecf8d5cd1fcda169e8ed907f251cc2184cf740d05fc18d27a73c65db9
f4fbef32a1e3da3ebb916f978e0edc0c33bdafc70227dee0f37bae7fa2badf44
f9122305c0f2aeb3f1d123c1be6ae4cd4bb13eff00f7f06263709d825f05507a
fa575bc77a75c441e90ed01f4e90d82bcc468f934ca79cd069904922f8ec7308
fc31c7d2528b2a0202c7c64bc976929288fc02caf7312171993ba8137cbfcf2e
fcf3d11b295c3fb16faea75f092b8722141be082dc0d7689b6bc6d8f7b4cf054

www.downtowngrand.com Open in urlscan Pro 104.18.160.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

117 Requests

83 %HTTPS

50 %IPv6

45 Domains

52 Subdomains

44 IPs

7 Countries

10781 kBTransfer

13200 kBSize

29 Cookies

16 Outgoing links

Page URL History

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.downtowngrand.com Open in urlscan Pro
104.18.160.83 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

83 %
HTTPS

50 %
IPv6

45
Domains

52
Subdomains

44
IPs

7
Countries

10781 kB
Transfer

13200 kB
Size

29
Cookies

117 HTTP transactions
2 data transactions