urlscan.io logo urlscan.io
SecurityTrails logo

palacasino.com Open in urlscan Pro
146.75.30.132  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://palacasino.com/events/gavin-degraw-colbie-caillat
Effective URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Submission: On July 30 via manual from IN — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 46 IPs in 3 countries across 42 domains to perform 111 HTTP transactions. The main IP is 146.75.30.132, located in Ashburn, United States and belongs to FASTLY, US. The main domain is palacasino.com.
TLS certificate: Issued by R10 on June 18th 2024. Valid for: 3 months.
This is the only time palacasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 146.75.30.132 54113 (FASTLY)
11 104.18.28.203 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
3 2600:1408:c40... 20940 (AKAMAI-ASN1)
9 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.61.162 16509 (AMAZON-02)
1 2607:f8b0:400... 15169 (GOOGLE)
2 54.154.51.116 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
27 2607:f8b0:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2600:1408:c40... 20940 (AKAMAI-ASN1)
2 2607:f8b0:400... 15169 (GOOGLE)
3 2620:1ec:c11:... 8068 (MICROSOFT...)
2 2a03:2880:f00... 32934 (FACEBOOK)
2 34.86.70.109 396982 (GOOGLE-CL...)
1 2 142.251.179.157 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
2 173.194.204.106 15169 (GOOGLE)
2 31.13.66.19 32934 (FACEBOOK)
8 2a03:2880:f10... 32934 (FACEBOOK)
1 172.217.222.97 15169 (GOOGLE)
22 25 35.194.66.159 396982 (GOOGLE-CL...)
1 1 2600:9000:230... 16509 (AMAZON-02)
1 2 52.46.155.104 16509 (AMAZON-02)
2 3 69.194.240.13 26120 (RHYTHMONE)
1 2 35.71.139.29 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 13.225.63.112 16509 (AMAZON-02)
1 1 2600:9000:26f... 16509 (AMAZON-02)
1 2600:9000:207... 16509 (AMAZON-02)
1 104.36.113.107 62713 (AS-PUBMATIC)
1 63.251.28.210 13789 (INTERNAP-...)
2 3 2600:1901:0:8... 15169 (GOOGLE)
3 4 34.200.65.202 14618 (AMAZON-AES)
1 2 34.229.3.43 14618 (AMAZON-AES)
1 52.201.36.253 14618 (AMAZON-AES)
1 23.39.185.111 16625 (AKAMAI-AS)
1 2 107.23.203.136 14618 (AMAZON-AES)
1 2 44.205.172.22 14618 (AMAZON-AES)
2 2 35.244.154.8 15169 (GOOGLE)
1 1 107.178.254.65 396982 (GOOGLE-CL...)
1 2 2620:1ec:21::14 8068 (MICROSOFT...)
1 1 74.125.192.155 15169 (GOOGLE)
1 2 68.67.179.155 29990 (ASN-APPNEX)
1 69.173.151.100 26667 (RUBICONPR...)
1 2 35.244.159.8 15169 (GOOGLE)
2 2 172.253.63.155 15169 (GOOGLE)
111 46
1    146.75.30.132 (Ashburn, United States)

ASN54113 (FASTLY, US)
palacasino.com
11    104.18.28.203 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.prod.website-files.com
1    2607:f8b0:400d:c0e::5f (Morganton, United States)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2600:1408:c400:29::17da:da49 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
9    2606:4700:10::ac43:1408 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn-cookieyes.com
1    108.138.61.162 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-61-162.iad12.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net
1    2607:f8b0:4004:c08::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    54.154.51.116 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-51-116.eu-west-1.compute.amazonaws.com
log.cookieyes.com
4    2607:f8b0:4004:c09::61 (Washington, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:20e2:d600:11:3b84:d200:93a1 (United States)

ASN16509 (AMAZON-02, US)
assets.website-files.com
1    2606:4700:10::6816:1cc (United States)

ASN13335 (CLOUDFLARENET, US)
acsbapp.com
27    2607:f8b0:400d:c07::5e (Morganton, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2606:4700:10::ac43:b9b (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.acsbapp.com
1    2600:1408:c400:29::17da:da50 (Ashburn, United States)

ASN20940 (AKAMAI-ASN1, NL)
p.typekit.net
2    2607:f8b0:400d:c07::8a (Morganton, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    2620:1ec:c11::237 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
bat.bing.com
2    2a03:2880:f003:c0e:face:b00c:0:3 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    34.86.70.109 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 109.70.86.34.bc.googleusercontent.com
tag.simpli.fi
i.simpli.fi
2    142.251.179.157 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: pd-in-f157.1e100.net
googleads.g.doubleclick.net
1    2607:f8b0:400d:c0f::8a (Morganton, United States)

ASN15169 (GOOGLE, US)
analytics.google.com
1    2607:f8b0:400d:c04::9a (Morganton, United States)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    173.194.204.106 (United States)

ASN15169 (GOOGLE, US)
PTR: qb-in-f106.1e100.net
www.google.com
2    31.13.66.19 (Ashburn, United States)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-01-iad3.fbcdn.net
connect.facebook.net
8    2a03:2880:f103:83:face:b00c:0:25de (Ashburn, United States)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    172.217.222.97 (United States)

ASN15169 (GOOGLE, US)
PTR: qi-in-f97.1e100.net
www.googletagmanager.com
25    35.194.66.159 (Washington, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 159.66.194.35.bc.googleusercontent.com
um.simpli.fi
1    2600:9000:2305:b000:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)
s.ad.smaato.net
2    52.46.155.104 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    69.194.240.13 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
1    2600:1f18:612b:4200:f1a7:5f86:cb95:d987 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
simplifi.partners.tremorhub.com
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    13.225.63.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-63-112.ewr53.r.cloudfront.net
aa.agkn.com
1    2600:9000:26fa:d200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)
d.agkn.com
1    2600:9000:2073:d200:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    104.36.113.107 (United States)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
1    63.251.28.210 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
3    2600:1901:0:8eee:: (Kansas City, United States)

ASN15169 (GOOGLE, US)
fei.pro-market.net
pbid.pro-market.net
4    34.200.65.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-200-65-202.compute-1.amazonaws.com
cms.analytics.yahoo.com
ups.analytics.yahoo.com
2    34.229.3.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-229-3-43.compute-1.amazonaws.com
loadm.exelator.com
1    52.201.36.253 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-201-36-253.compute-1.amazonaws.com
sync.bfmio.com
1    23.39.185.111 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-39-185-111.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    107.23.203.136 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-23-203-136.compute-1.amazonaws.com
bcp.crwdcntrl.net
2    44.205.172.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-205-172-22.compute-1.amazonaws.com
ce.lijit.com
2    35.244.154.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.154.244.35.bc.googleusercontent.com
idsync.rlcdn.com
1    107.178.254.65 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 65.254.178.107.bc.googleusercontent.com
pippio.com
2    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    74.125.192.155 (United States)

ASN15169 (GOOGLE, US)
PTR: qn-in-f155.1e100.net
www.googleadservices.com
2    68.67.179.155 (North Bergen, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ib.adnxs.com
1    69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
2    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
us-u.openx.net
2    172.253.63.155 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
cm.g.doubleclick.net
Apex Domain
Subdomains		 Transfer
27 simpli.fi
tag.simpli.fi — Cisco Umbrella Rank: 8238
i.simpli.fi — Cisco Umbrella Rank: 6968
um.simpli.fi — Cisco Umbrella Rank: 1484
15 KB
27 gstatic.com
fonts.gstatic.com
588 KB
12 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 11800
assets.website-files.com — Cisco Umbrella Rank: 22240
388 KB
9 cdn-cookieyes.com
cdn-cookieyes.com — Cisco Umbrella Rank: 12284
81 KB
8 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
6 KB
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 77
stats.g.doubleclick.net — Cisco Umbrella Rank: 252
cm.g.doubleclick.net — Cisco Umbrella Rank: 363
3 KB
5 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 112
383 KB
4 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 3137
ups.analytics.yahoo.com — Cisco Umbrella Rank: 612
1 KB
4 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 236
80 KB
4 typekit.net
use.typekit.net — Cisco Umbrella Rank: 1178
p.typekit.net — Cisco Umbrella Rank: 1499
34 KB
3 pro-market.net
fei.pro-market.net — Cisco Umbrella Rank: 4127
pbid.pro-market.net — Cisco Umbrella Rank: 22323
1 KB
3 google.com
analytics.google.com — Cisco Umbrella Rank: 238
www.google.com — Cisco Umbrella Rank: 10
128 B
3 bing.com
bat.bing.com — Cisco Umbrella Rank: 534
15 KB
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 864
503 B
2 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 383
2 KB
2 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 669
897 B
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 689
834 B
2 lijit.com
ce.lijit.com — Cisco Umbrella Rank: 1396
893 B
2 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1296
833 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 3519
2 KB
2 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 910
d.agkn.com — Cisco Umbrella Rank: 1174
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 646
1 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 632
970 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 741
730 B
2 amazon-adsystem.com
s.amazon-adsystem.com — Cisco Umbrella Rank: 399
2 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 104
21 KB
2 acsbapp.com
acsbapp.com — Cisco Umbrella Rank: 7038
cdn.acsbapp.com — Cisco Umbrella Rank: 7605
95 KB
2 cookieyes.com
log.cookieyes.com — Cisco Umbrella Rank: 14171
305 B
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 641
fonts.googleapis.com — Cisco Umbrella Rank: 110
10 KB
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 555
1 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 176
23 B
1 pippio.com
pippio.com — Cisco Umbrella Rank: 1285
633 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 1556
480 B
1 bfmio.com
sync.bfmio.com — Cisco Umbrella Rank: 2757
421 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 969
653 B
1 pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 1373
551 B
1 intentiq.com
sync.intentiq.com — Cisco Umbrella Rank: 1598
515 B
1 tremorhub.com
simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 10885
175 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1897
378 B
1 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 1043
541 B
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 palacasino.com
palacasino.com
9 KB
111 42
Domain Requested by
27 fonts.gstatic.com fonts.googleapis.com
25 um.simpli.fi 22 redirects
11 cdn.prod.website-files.com palacasino.com
9 cdn-cookieyes.com palacasino.com
cdn-cookieyes.com
8 www.facebook.com palacasino.com
5 www.googletagmanager.com palacasino.com
www.googletagmanager.com
4 connect.facebook.net www.googletagmanager.com
connect.facebook.net
3 ups.analytics.yahoo.com 2 redirects
3 bat.bing.com www.googletagmanager.com
bat.bing.com
palacasino.com
3 use.typekit.net palacasino.com
2 cm.g.doubleclick.net 2 redirects
2 us-u.openx.net 1 redirects
2 ib.adnxs.com 1 redirects
2 px.ads.linkedin.com 1 redirects
2 idsync.rlcdn.com 2 redirects
2 ce.lijit.com 1 redirects
2 bcp.crwdcntrl.net 1 redirects
2 loadm.exelator.com 1 redirects
2 fei.pro-market.net 2 redirects
2 pixel.tapad.com 1 redirects
2 eb2.3lift.com 1 redirects
2 sync.1rx.io 2 redirects
2 s.amazon-adsystem.com 1 redirects
2 www.google.com palacasino.com
2 googleads.g.doubleclick.net 1 redirects www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 log.cookieyes.com cdn-cookieyes.com
1 pixel.rubiconproject.com
1 www.googleadservices.com 1 redirects
1 pippio.com 1 redirects
1 stags.bluekai.com
1 sync.bfmio.com
1 pbid.pro-market.net
1 cms.analytics.yahoo.com 1 redirects
1 ads.stickyadstv.com
1 image2.pubmatic.com
1 sync.intentiq.com
1 d.agkn.com 1 redirects
1 aa.agkn.com 1 redirects
1 simplifi.partners.tremorhub.com
1 sync.targeting.unrulymedia.com
1 s.ad.smaato.net 1 redirects
1 i.simpli.fi tag.simpli.fi
1 stats.g.doubleclick.net www.googletagmanager.com
1 analytics.google.com www.googletagmanager.com
1 tag.simpli.fi www.googletagmanager.com
1 p.typekit.net palacasino.com
1 cdn.acsbapp.com acsbapp.com
1 acsbapp.com palacasino.com
1 assets.website-files.com cdn.prod.website-files.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net palacasino.com
1 ajax.googleapis.com palacasino.com
1 palacasino.com
111 54
Subject Issuer Validity Valid
palacasino.com
R10		 2024-06-18 -
2024-09-16		 3 months crt.sh
prod.website-files.com
WE1		 2024-06-25 -
2024-09-23		 3 months crt.sh
upload.video.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-03		 a year crt.sh
cdn-cookieyes.com
WE1		 2024-07-25 -
2024-10-23		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
log.cookieyes.com
Amazon RSA 2048 M02		 2024-03-26 -
2025-04-25		 a year crt.sh
*.google-analytics.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.website-files.com
Amazon RSA 2048 M03		 2023-09-11 -
2024-10-08		 a year crt.sh
acsbapp.com
WE1		 2024-06-20 -
2024-09-18		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
www.bing.com
Microsoft Azure RSA TLS Issuing CA 04		 2024-06-19 -
2024-12-16		 6 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-05-08 -
2024-08-06		 3 months crt.sh
*.simpli.fi
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-11-07 -
2024-12-07		 a year crt.sh
*.g.doubleclick.net
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh
*.google.com
WR2		 2024-07-01 -
2024-09-23		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://palacasino.com/events/gavin-degraw-colbie-caillat
Frame ID: 614BF6A6EDD80327E3ACE59206F63398
Requests: 113 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Gavin Degraw & Colbie Caillat - Together Live | Pala Casino Spa Resort

Page URL History Show full URLs

  1. http://palacasino.com/events/gavin-degraw-colbie-caillat HTTP 307
    https://palacasino.com/events/gavin-degraw-colbie-caillat Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

80 %
HTTPS

42 %
IPv6

42
Domains

54
Subdomains

46
IPs

3
Countries

1757 kB
Transfer

3883 kB
Size

57
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://palacasino.com/events/gavin-degraw-colbie-caillat HTTP 307
    https://palacasino.com/events/gavin-degraw-colbie-caillat Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 82
  • https://um.simpli.fi/smaato HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=9B2E006A12384AEE85FBF567D177AE2F HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a75823e112&gdpr=0&gdpr_consent= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a75823e112&gdpr=0&gdpr_consent=&dcc=t
Request Chain 83
  • https://um.simpli.fi/nexxen HTTP 302
  • https://sync.1rx.io/usersync/simplifi/9B2E006A12384AEE85FBF567D177AE2F HTTP 302
  • https://sync.1rx.io/usersync/simplifi/9B2E006A12384AEE85FBF567D177AE2F?zcc=1&cb=1722327997197 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-81ea601a-ad84-47b8-b00e-202dfc1a2f46-005
Request Chain 84
  • https://um.simpli.fi/triplelift HTTP 302
  • https://eb2.3lift.com/xuid?mid=7969&xuid=9B2E006A12384AEE85FBF567D177AE2F&dongle=yf3 HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=9B2E006A12384AEE85FBF567D177AE2F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Request Chain 85
  • https://um.simpli.fi/telaria_p HTTP 302
  • https://simplifi.partners.tremorhub.com/sync?UISF=9B2E006A12384AEE85FBF567D177AE2F
Request Chain 86
  • https://um.simpli.fi/tapad HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=9B2E006A12384AEE85FBF567D177AE2F HTTP 302
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9B2E006A12384AEE85FBF567D177AE2F
Request Chain 87
  • https://um.simpli.fi/ad_advisor HTTP 302
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=9B2E006A12384AEE85FBF567D177AE2F HTTP 302
  • https://d.agkn.com/pixel/10751/?che=1722327997254&ip=38.132.118.75&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213200604959005772057 HTTP 302
  • https://um.simpli.fi/aa_px?sk=213200604959005772057 HTTP 302
  • https://um.simpli.fi/empty.gif
Request Chain 88
  • https://um.simpli.fi/intentiq HTTP 302
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9B2E006A12384AEE85FBF567D177AE2F
Request Chain 89
  • https://um.simpli.fi/pubmatic HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9B2E006A12384AEE85FBF567D177AE2F
Request Chain 90
  • https://um.simpli.fi/freewheel HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=9B2E006A12384AEE85FBF567D177AE2F
Request Chain 91
  • https://um.simpli.fi/dtnx HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=9B2E006A12384AEE85FBF567D177AE2F;mimetype=img; HTTP 302
  • https://fei.pro-market.net/engine?du=24;csync=9B2E006A12384AEE85FBF567D177AE2F;mimetype=img;sr HTTP 302
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS HTTP 302
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS HTTP 302
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-Fqa1uxJE2pSsjmZPiSEgTWEwbgMRDhvB7LE-~A
Request Chain 92
  • https://um.simpli.fi/exelatem HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=9B2E006A12384AEE85FBF567D177AE2F&j=0 HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=9B2E006A12384AEE85FBF567D177AE2F&j=0&xl8blockcheck=1
Request Chain 93
  • https://um.simpli.fi/yahoo HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=9B2E006A12384AEE85FBF567D177AE2F HTTP 302
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=9B2E006A12384AEE85FBF567D177AE2F&verify=true
Request Chain 94
  • https://um.simpli.fi/beachfront HTTP 302
  • https://sync.bfmio.com/sync?pid=141&uid=9B2E006A12384AEE85FBF567D177AE2F
Request Chain 95
  • https://um.simpli.fi/bluekai HTTP 302
  • https://stags.bluekai.com/site/29931?id=9B2E006A12384AEE85FBF567D177AE2F
Request Chain 96
  • https://um.simpli.fi/crwdcntrl HTTP 302
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=9B2E006A12384AEE85FBF567D177AE2F HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9B2E006A12384AEE85FBF567D177AE2F
Request Chain 97
  • https://um.simpli.fi/lj_match HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=9B2E006A12384AEE85FBF567D177AE2F HTTP 302
  • https://ce.lijit.com/merge?pid=2&3pid=9B2E006A12384AEE85FBF567D177AE2F&dnr=1
Request Chain 98
  • https://um.simpli.fi/liveramp_match HTTP 302
  • https://idsync.rlcdn.com/419566.gif?partner_uid=9B2E006A12384AEE85FBF567D177AE2F HTTP 307
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogOUIyRTAwNkExMjM4NEFFRTg1RkJGNTY3RDE3N0FFMkYQABoNCL3HorUGEgUI6AcQAEIASgA HTTP 307
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f404987bda0b027dc189c518aa3ab0c0be5972fbcf0b7b9d280b5878daa0d974791426b5417dce21&_=2 HTTP 307
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f404987bda0b027dc189c518aa3ab0c0be5972fbcf0b7b9d280b5878daa0d974791426b5417dce21&rand=01540034 HTTP 302
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f404987bda0b027dc189c518aa3ab0c0be5972fbcf0b7b9d280b5878daa0d974791426b5417dce21&rand=01540034&expected_cookie=6e9d9b8f-bff4-4289-878c-9703177b530a
Request Chain 99
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1722327996818&cv=7&fst=1722327996818&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1475270169&cv=7&fst=1722327996818&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMInbXG46vOhwMVZFJHAR2XawC9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3BhbGFjYXNpbm8uY29tLw HTTP 302
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1475270169&cv=7&fst=1722327996818&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMInbXG46vOhwMVZFJHAR2XawC9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3BhbGFjYXNpbm8uY29tLw&is_vtc=1&cid=CAQSKQDaQooLycVKoosO4Gn8PPy-mBP1FK1D_DK0YOhvcwv8EvJjRR5buEL0&random=3004985764
Request Chain 101
  • https://um.simpli.fi/an HTTP 302
  • https://ib.adnxs.com/setuid?entity=66&code=9B2E006A12384AEE85FBF567D177AE2F HTTP 307
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9B2E006A12384AEE85FBF567D177AE2F
Request Chain 102
  • https://um.simpli.fi/rb_match HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9B2E006A12384AEE85FBF567D177AE2F&expires=365
Request Chain 103
  • https://um.simpli.fi/ox_match HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=9B2E006A12384AEE85FBF567D177AE2F HTTP 302
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=9B2E006A12384AEE85FBF567D177AE2F
Request Chain 104
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
  • https://um.simpli.fi/g_match?id=&google_gid=CAESENIYtQ620Z6zRxkSOhzD5V4&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9B2E006A12384AEE85FBF567D177AE2F HTTP 302
  • https://um.simpli.fi/g_match?id=

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request gavin-degraw-colbie-caillat
palacasino.com/events/
Redirect Chain
  • http://palacasino.com/events/gavin-degraw-colbie-caillat
  • https://palacasino.com/events/gavin-degraw-colbie-caillat
34 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
146.75.30.132 Ashburn, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3a6742cf73c6f9e254460c909db9da18780538a2fe96fb771ab5ef47a4f3dfae
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
3265
content-encoding
gzip
content-length
8734
content-security-policy
frame-ancestors 'self'
content-type
text/html
date
Tue, 30 Jul 2024 08:26:34 GMT
strict-transport-security
max-age=300
vary
x-wf-forwarded-proto, Accept-Encoding
via
1.1 varnish
x-cache
HIT, MISS
x-cache-hits
0, 0
x-cluster-name
us-east-1-prod-hosting-red
x-frame-options
SAMEORIGIN
x-lambda-id
5098fcbc-1be4-424c-872e-2218f611ef4d
x-served-by
cache-iad-kcgs7200075-IAD, cache-iad-kiad7000067-IAD
x-timer
S1722327995.881385,VS0,VE19

Redirect headers

Location
https://palacasino.com/events/gavin-degraw-colbie-caillat
Non-Authoritative-Reason
HttpsUpgrades
palacasino.225ddb7b9.min.css
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/css/ 		163 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/css/palacasino.225ddb7b9.min.css
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd2d6df4830b8c889093a8b06bf36cc105cf21da50f2248ece2ec46c29de7cb4

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
gzip
x-amz-version-id
3QBmBn2p2B50cswYPFK4Tp0lgFY72ova
cf-cache-status
HIT
x-amz-request-id
NNK41Z19904ZDCNT
age
41777
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
30144
x-amz-id-2
fE/fC6w3DgWddmD9a1IFAPtzdZr7/CfhS/olTa56If2+CI7J0AAsSkN2CTkxbGl3EPE2iBG6XLs=
last-modified
Mon, 29 Jul 2024 20:45:41 GMT
server
cloudflare
etag
"e1c1e864609d8f2951c02d7a1a5b9e79"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8ab3f6f109a0db09-MIA
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/ 		13 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0e::5f Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 01:07:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26346
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5437
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 30 Jul 2025 01:07:29 GMT
dyk8sdl.js
use.typekit.net/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/dyk8sdl.js
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ca5d7ec2026a44dbe965a225895a7db86b22d4cef3d5d68d232fa8b57d18127a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Tue, 30 Jul 2024 08:26:35 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6698
script.js
cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/ 		99 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/script.js
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e35ad724e635f5af6f8af5028940545d05facbf20ee492648ed094094e28097

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 16:02:54 GMT
server
cloudflare
age
48169
etag
"18b44-61e64fe6909ad-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges
bytes
cf-ray
8ab3f6f0fe088dc4-MIA
content-length
34727
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=61577aba7d7d49c52dd2e764
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.61.162 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-61-162.iad12.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

Referer
https://palacasino.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 29 Jul 2024 17:38:11 GMT
content-encoding
br
via
1.1 8415794d557292780ff382a8c5bd6058.cloudfront.net (CloudFront)
age
53305
x-amz-cf-pop
IAD12-P1
x-cache
Hit from cloudfront
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
server
AmazonS3
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=84600, must-revalidate
vary
Accept-Encoding
x-amz-cf-id
BbkJm-y9Ngo-6ZLD9Z3UcqOD2Fi5uPngwrYYlY2f3kNL22bwVHZjlA==
palacasino.076ccb1f5.js
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/js/ 		427 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/js/palacasino.076ccb1f5.js
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7293b1876859b0fba5c4f883e7e478204444cc4d7a7a690d44caad0ebb93f0ad

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
gzip
x-amz-version-id
p5yIFnt4LTn5MxnuNwTYtiRpxSXJIlNw
cf-cache-status
HIT
x-amz-request-id
NW2EHH0R8G839W0B
age
405001
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
88329
x-amz-id-2
ToTgnmWvRjfYOW3AN6ChY3tZOaCQDBE6EWOzv6/fCGLHHXpQmgZDbC15UL+I9HV5f/8GW0EXGFHsq3n9cbOU/gkaMgSGBY6Hy6sXj841Fkk=
last-modified
Thu, 25 Jul 2024 13:54:34 GMT
server
cloudflare
etag
"b552ea5f0c944c901584a3e86e0acb04"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000, immutable
accept-ranges
bytes
cf-ray
8ab3f6f109a1db09-MIA
css
fonts.googleapis.com/ 		113 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0203289cdaa198c6766465dd58ea581f719b814112689e8427374b3b06a1b6a6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 08:26:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 30 Jul 2024 08:26:35 GMT
log
log.cookieyes.com/api/v1/ 		2 B
153 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.51.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-51-116.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary0HGwsHj2HVAIy9ew

Response headers

access-control-allow-origin
*
date
Tue, 30 Jul 2024 08:26:35 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8
banner.js
cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/ 		100 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/banner.js
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f26d787a7447cd8e79836e762287cddf6d0dd885adb37155750f689db0791f10

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 16:02:54 GMT
server
cloudflare
age
48168
etag
"18f5a-61e64fe68fa0d-gzip"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
accept-ranges
bytes
cf-ray
8ab3f6f23eb58dc4-MIA
content-length
33459
gtm.js
www.googletagmanager.com/ 		311 KB
106 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5PDVVF8
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5614f82794197c420cba842f744597909431441e86d989662ef18c7e03673ad2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
108521
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jul 2024 08:26:35 GMT
gtm.js
www.googletagmanager.com/ 		242 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5XXVRKZK
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
78cff4f513f08c8e5cb2f1a9beeae59483afadd4d61dd04aa6b95c8a0d887480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88305
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jul 2024 08:26:35 GMT
truncated
/ 		280 B
280 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2e015eaf7cdbac1fa5bac9e96b637bfac31c42949b17ebe97de46e3e001fbf29

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
img/png
truncated
/ 		266 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5bdeee1e71949c1a0df89565634ada34da7f0ca4e2c07c4e77da8073812654dd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
img/png
66152986d6bf0d76095f6ee2_Gavin-Degraw-%26-Colbie-Caillat.jpg
cdn.prod.website-files.com/61577aba7d7d498d18d2e78d/ 		91 KB
91 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61577aba7d7d498d18d2e78d/66152986d6bf0d76095f6ee2_Gavin-Degraw-%26-Colbie-Caillat.jpg
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d55c2ee057e62f8ce3ae885e0a3bdd2d667119628b24bf4980f2b6cc1242149

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
x-amz-version-id
p2uHq33u1b0z5pCOu5i0_uRKKkhMoXfs
cf-cache-status
HIT
x-amz-request-id
4FH07SHQPM9B9ACP
age
241287
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
92971
x-amz-id-2
KOBeYonD2v7y/Z1vnsRncZsNjswGMmAW95u8hVSjp92+fPK2txMZMfA9HNWRe7jvHslcmzh8JWM=
cf-bgj
h2pri
last-modified
Tue, 09 Apr 2024 11:41:59 GMT
server
cloudflare
etag
"c8ebef9dec606b6d2dc685857c7d1b7f"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8ab3f6f24a48db09-MIA
61e72d02f418e6b808e0d0c9_VentiCF-Bold.otf
assets.website-files.com/61577aba7d7d49c52dd2e764/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://assets.website-files.com/61577aba7d7d49c52dd2e764/61e72d02f418e6b808e0d0c9_VentiCF-Bold.otf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/css/palacasino.225ddb7b9.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20e2:d600:11:3b84:d200:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
937413cbbb15fb9f6b7fc1403f06506533a8a9e496658afeff9eb468029895a4

Request headers

Referer
https://cdn.prod.website-files.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 25 Jun 2024 02:46:28 GMT
x-amz-version-id
5ru5o3WMo6ftxBw6XYiciGyLoGrnyjt6
via
1.1 2d5ae77baf1e996b29b17b6541abf9c2.cloudfront.net (CloudFront)
age
3044408
x-amz-cf-pop
IAD79-C2
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
61332
last-modified
Tue, 18 Jan 2022 21:11:32 GMT
server
AmazonS3
etag
"6a895085348dc5bcd40d527497a0c2cc"
content-type
application/x-font-otf
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
x-amz-cf-id
CU7qZdyZa7WLJgysiProskSFeiUonDdZ-QxrVPKEqyT8AL_-WDIjyg==
65a04c871c46da75e341fba3_PALA%20casino%20spa%20golf%20resort.svg
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/ 		33 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/65a04c871c46da75e341fba3_PALA%20casino%20spa%20golf%20resort.svg
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82692f9b640f1f9a2f059e8b301a314e7718ccb755032c793eca106b3ac48d88

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
x-amz-version-id
RGB1aLzJA_WBn7oiukwfsXwYn33Xe.CI
content-encoding
br
cf-cache-status
HIT
x-amz-request-id
H3E58J1965CAZJFQ
age
2300204
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
x-amz-id-2
ahRUyvnqqSoclb2xwThJSO52TwtlLmkAOWcMN71zVx1vnzGdje8JFhW10WFKdfnFFrWZat6c184=
last-modified
Thu, 11 Jan 2024 20:16:09 GMT
server
cloudflare
etag
W/"0f28132acaf3c5c964e4f51529951a84"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
cf-ray
8ab3f6f26a51db09-MIA
61577aba7d7d495070d2e795_social-icon-facebook.png
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/61577aba7d7d495070d2e795_social-icon-facebook.png
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41ff2900f974a6255f8216d74e968857ae0cff7d08280d15d7b487b20583bf3e

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
x-amz-version-id
enTNIx_1OEtm7BlvmHUVqywN7nJ0b.On
cf-cache-status
HIT
x-amz-request-id
H3E0KY4FJQ82W3CQ
age
5158758
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2127
x-amz-id-2
d5FIiAOQLqcMtZ0b9JRvpG936mkqVHGxAn5rZQjkxHTod7YrKNCubpWEswsfSNFhBcAwqZAn9L4=
last-modified
Fri, 01 Oct 2021 21:16:44 GMT
server
cloudflare
etag
"6dcfa92c1ac25615f6cd1de0ad52f44c"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8ab3f6f26a53db09-MIA
61577aba7d7d49dca1d2e791_pala-casino-spa-resort-logo.png
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/61577aba7d7d49dca1d2e791_pala-casino-spa-resort-logo.png
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a666031ae8808f5da56f972e6e3ef6da4c16fc59bd735b18edd6763998fc4326

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
x-amz-version-id
XFxT.XMCYT3Wj1cEreWX3LuqYWSAC4Q6
cf-cache-status
HIT
x-amz-request-id
H3E5FB33V8Q5GHR3
age
5158786
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
55922
x-amz-id-2
K6ByvnI8nurNdLSidmeXzyPk/XXN042k5heqpH9WbImdK3bANP1lFHVe82GlXGz/J0+7RCiop7o=
last-modified
Fri, 01 Oct 2021 21:16:44 GMT
server
cloudflare
etag
"676d0eef8c1dd13c9b20070dc763fbec"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8ab3f6f26a55db09-MIA
61577aba7d7d491266d2e797_social-icon-youtube.png
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/61577aba7d7d491266d2e797_social-icon-youtube.png
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c3057ce57ed38e93fb3962ca931bcbfe17d944c5d2526334461bac1cca27cf7

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
x-amz-version-id
CpiG6hVGMYVGR7zHUsGSQyo43WHp2TxX
cf-cache-status
HIT
x-amz-request-id
H3EB44ZVXPVY3Z54
age
2278061
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2331
x-amz-id-2
AmYelqOvQc6thV6U4J9EouA4ogvbHGXydliSorB55ASk5yotUHKzsrkDpIlNv+KPog0wmJ23cZk=
last-modified
Fri, 01 Oct 2021 21:16:44 GMT
server
cloudflare
etag
"07414e5e1be75d05c3100e608f38b24a"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8ab3f6f26a56db09-MIA
61577aba7d7d49c51dd2e792_social-icon-instagram.png
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/61577aba7d7d49c51dd2e792_social-icon-instagram.png
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38ad2454a40eddc53c689437a549462a7cd36fbb8766df6ae792b68819bd2a71

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
x-amz-version-id
N43DMZnWBQOHfyOEme5TieF3eCINU5D3
cf-cache-status
HIT
x-amz-request-id
H3E56A123ESNXAS4
age
420195
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2829
x-amz-id-2
zL2Wg5JbhCHzJMkQ/ZWrG1AL0FqPZmLnYfq6NRkilxr5j3Z4QRi4Twmc7c8boKrxx+eqxkU50mc=
last-modified
Fri, 01 Oct 2021 21:16:44 GMT
server
cloudflare
etag
"8ebb5a3c5f10d2611db0b7459422f1d9"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8ab3f6f26a57db09-MIA
61577aba7d7d498f77d2e796_social-icon-twitter.png
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/61577aba7d7d498f77d2e796_social-icon-twitter.png
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffcfb87808eb068ef005bace16cc8c36fed7334a86d9f875a7525fc3ea79e356

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
x-amz-version-id
jCF6fBsh_Hzmkx2u779SFEWVlMPAfxXU
cf-cache-status
HIT
x-amz-request-id
H3E6QYMCE8T141NJ
age
420195
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2497
x-amz-id-2
h7e5uKu4CoIFtc5rfS/cBi9hgOsYQ5TRxEjwcIyuUdXr4RZ3g7Dt32qSBi2c6hPsCoh9EMNaN0w=
last-modified
Fri, 01 Oct 2021 21:16:44 GMT
server
cloudflare
etag
"95b941f0be6d38eea8db2fc0c267297d"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8ab3f6f26a59db09-MIA
61577aba7d7d49010cd2e7a7_logo-four-diamond-award.png
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/61577aba7d7d49010cd2e7a7_logo-four-diamond-award.png
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a305b32c129a84e1cf63b7db293b5e26af64a7d5d8899e0d1a529a6216d4015f

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
x-amz-version-id
gfTZTqbbZhOd5IzsOVXI2m16.Qjo9O6.
cf-cache-status
HIT
x-amz-request-id
H3ECYX0YT3VSVZZC
age
2350889
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
40250
x-amz-id-2
M1mWpQJ70Z9rnrMeYLfDPpVQmCITzYh2AjeoY4nfDaFD5DdKQ2rFPUZlAuD7B3MO641NNXpcv7g=
last-modified
Fri, 01 Oct 2021 21:16:44 GMT
server
cloudflare
etag
"2890667117f533567ed70a82a9e3caec"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8ab3f6f26a5adb09-MIA
app.js
acsbapp.com/apps/app/dist/js/ 		309 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acsbapp.com/apps/app/dist/js/app.js
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5d7f2613330745577958d3e8ce2de7c29caa11f17a032b8758a670fa04d0c888

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
AHxI1nMSm7P2a7jECbqFDd-xscN5L3_Gk9DhGvM_jRCG-E03hUJMlQthbjCeQECmJrGEM4DzHA
x-goog-storage-class
STANDARD
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Mon, 29 Jul 2024 11:28:09 GMT
server
cloudflare
etag
W/"ee5209e02ca356da739d5067fae22e93"
vary
Accept-Encoding
x-goog-hash
crc32c=Lnty1A==, md5=7lIJ4CyjVtpznVBn+uIukw==
x-goog-generation
1722252489659502
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
316921
access-control-expose-headers
*
cf-ray
8ab3f6f31d1874c8-MIA
expires
Wed, 30 Jul 2025 08:26:35 GMT
l
use.typekit.net/af/3d9e8b/000000000000000077359a48/30/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/3d9e8b/000000000000000077359a48/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
a14139291495338b91c9921003dfe189b44004cf6e521c63bc897cee78544c8b

Request headers

Referer
https://palacasino.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
server
nginx
etag
"a5aeda287bd44802db9fc0a264b1474028663e30"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
13060
l
use.typekit.net/af/5804aa/00000000000000007735c3d4/30/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/af/5804aa/00000000000000007735c3d4/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da49 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
c6d0284bf70d7e02523f93337303bb3be3b6b5e92ff49dba2ed848d6dfc40a37

Request headers

Referer
https://palacasino.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
server
nginx
etag
"f2165abf9a2635db4a57a59498c358ea343e77c8"
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
14636
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:55:37 GMT
x-content-type-options
nosniff
age
466258
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:55:37 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:33:25 GMT
x-content-type-options
nosniff
age
467590
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50296
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:33:25 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:30:19 GMT
x-content-type-options
nosniff
age
467776
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:30:19 GMT
JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
fonts.gstatic.com/s/montserrat/v26/ 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUQjIg1_i6t8kCHKm459WxRyS7m.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 17:14:45 GMT
x-content-type-options
nosniff
age
486710
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34288
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:52:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 17:14:45 GMT
u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l521wRZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:53:13 GMT
x-content-type-options
nosniff
age
466402
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19752
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:46 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:53:13 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7lXff4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:28:00 GMT
x-content-type-options
nosniff
age
532715
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19720
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:47:57 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 04:28:00 GMT
u-440qyriQwlOrhSvowK_l5-fCZM.woff2
fonts.gstatic.com/s/merriweather/v30/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-440qyriQwlOrhSvowK_l5-fCZM.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:56:31 GMT
x-content-type-options
nosniff
age
466204
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20028
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:41:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:56:31 GMT
u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4m0qyriQwlOrhSvowK_l5-eRZOf-I.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:47:16 GMT
x-content-type-options
nosniff
age
466759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19780
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:47:16 GMT
u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52xwNZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:46:52 GMT
x-content-type-options
nosniff
age
466783
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19740
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:46:52 GMT
u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR71Wvf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:52:42 GMT
x-content-type-options
nosniff
age
466433
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19900
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:46:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:52:42 GMT
u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4n0qyriQwlOrhSvowK_l52_wFZWMf6.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:47:16 GMT
x-content-type-options
nosniff
age
466759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19816
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 16:08:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:47:16 GMT
u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
fonts.gstatic.com/s/merriweather/v30/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweather/v30/u-4l0qyriQwlOrhSvowK_l5-eR7NWPf4jvw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 23:47:22 GMT
x-content-type-options
nosniff
age
463153
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19844
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 23:47:22 GMT
jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizaRExUiTo99u79D0KExQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:41:38 GMT
x-content-type-options
nosniff
age
542697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45300
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 01:41:38 GMT
jizYRExUiTo99u79D0e0x8mI.woff2
fonts.gstatic.com/s/ptsans/v17/ 		42 KB
42 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizYRExUiTo99u79D0e0x8mI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 04:34:48 GMT
x-content-type-options
nosniff
age
532307
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42500
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:01:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 04:34:48 GMT
jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:55:00 GMT
x-content-type-options
nosniff
age
466295
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47048
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:55:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:55:00 GMT
jizdRExUiTo99u79D0e8fOydLxUd.woff2
fonts.gstatic.com/s/ptsans/v17/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptsans/v17/jizdRExUiTo99u79D0e8fOydLxUd.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 12:30:58 GMT
x-content-type-options
nosniff
age
503737
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32964
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:06:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 12:30:58 GMT
6aey4Ky-Vb8Ew8IROpI.woff2
fonts.gstatic.com/s/forum/v18/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/forum/v18/6aey4Ky-Vb8Ew8IROpI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
21eb0ef1c5f416bd7837e9bcf5c0ba1b026a9d56e5aed213871957ff442cae1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 21:42:38 GMT
x-content-type-options
nosniff
age
470637
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23820
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 17:21:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 21:42:38 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:28:11 GMT
x-content-type-options
nosniff
age
467904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7840
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:28:11 GMT
pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
fonts.gstatic.com/s/poppins/v21/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:28:11 GMT
x-content-type-options
nosniff
age
467904
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8712
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:28:11 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:41:08 GMT
x-content-type-options
nosniff
age
467127
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7884
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:41:08 GMT
pxiGyp8kv8JHgFVrJJLucHtA.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiGyp8kv8JHgFVrJJLucHtA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 03:11:11 GMT
x-content-type-options
nosniff
age
537324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8668
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 03:11:11 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:41:21 GMT
x-content-type-options
nosniff
age
542714
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7748
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:14 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 01:41:21 GMT
pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmg1hVF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:31:03 GMT
x-content-type-options
nosniff
age
467732
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8504
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:31:03 GMT
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:48:08 GMT
x-content-type-options
nosniff
age
513507
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8000
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 09:48:08 GMT
pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
fonts.gstatic.com/s/poppins/v21/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmr19VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 22:46:29 GMT
x-content-type-options
nosniff
age
466806
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8724
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:01:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 22:46:29 GMT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 01:36:28 GMT
x-content-type-options
nosniff
age
543007
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 01:36:28 GMT
pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
fonts.gstatic.com/s/poppins/v21/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v21/pxiDyp8kv8JHgFVrJJLmy15VF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic%7CMontserrat:100,100italic,200,200italic,300,300italic,400,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic%7CMerriweather:300,300italic,400,400italic,700,700italic,900,900italic%7CPT+Sans:400,400italic,700,700italic%7CForum:regular%7CPoppins:300,300italic,regular,italic,500,500italic,600,600italic,700,700italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::5e Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://palacasino.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Wed, 24 Jul 2024 09:53:32 GMT
x-content-type-options
nosniff
age
513183
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8596
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 24 Jul 2025 09:53:32 GMT
config.json
cdn.acsbapp.com/config/palacasino.com/ 		163 B
702 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.acsbapp.com/config/palacasino.com/config.json
Requested by
Host: acsbapp.com
URL: https://acsbapp.com/apps/app/dist/js/app.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:b9b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d97b6b36138296554bbb47e6f54740a29108cd1fdd88047cad45af0917fd1608

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
br
cf-cache-status
REVALIDATED
x-guploader-uploadid
AHxI1nNtCnLZ80v9aXEO6AjcCf7L2HHw0zxt8mgs1USLDE7244ZNpNBHda1H65Z6DfTvv5O3iNg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Mon, 29 Jul 2024 01:09:09 GMT
server
cloudflare
etag
W/"29592f027896b57d82e2ac1a86aa003d"
vary
Accept-Encoding
x-goog-hash
crc32c=KiFmVQ==, md5=KVkvAniWtX2C4qwahqoAPQ==
x-goog-generation
1722215349199646
access-control-allow-origin
*
content-type
application/json
cache-control
public, max-age=300, must-revalidate
x-goog-stored-content-length
163
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cf-ray
8ab3f6f55b95b3df-MIA
expires
Wed, 30 Jul 2025 08:26:35 GMT
p.gif
p.typekit.net/ 		35 B
205 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.typekit.net/p.gif?s=1&k=dyk8sdl&ht=tk&h=palacasino.com&f=5557.37396&a=12659395&js=1.21.0&app=typekit&e=js&_=1722327995694
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2600:1408:c400:29::17da:da50 Ashburn, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
last-modified
Fri, 28 Jul 2023 12:47:59 GMT
server
nginx
etag
"64c3b8ff-23"
content-type
image/gif
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
35
js
www.googletagmanager.com/gtag/ 		325 KB
104 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-EREH6L1JQD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PDVVF8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
90ca30a1f9a0b327536daa464302c6c3a3db609f8fc8420072a71dbb9677ca2b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
105889
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 30 Jul 2024 08:26:35 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PDVVF8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 30 Jul 2024 08:22:32 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
243
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 30 Jul 2024 10:22:32 GMT
bat.js
bat.bing.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PDVVF8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Tue, 30 Jul 2024 08:26:35 GMT
last-modified
Sat, 13 Jul 2024 20:42:16 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 45191DA994CD4973B2DE542458EEB40A Ref B: MIAEDGE1713 Ref C: 2024-07-30T08:26:35Z
etag
"044982565d5da1:0"
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
14183
fbevents.js
connect.facebook.net/en_US/ 		224 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PDVVF8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jul 2024 08:26:35 GMT
document-policy
force-load-at-top
x-fb-server-load
60
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
58677
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=12, mss=1297, tbw=2790, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
JvEuiYFfnWyZGm+EpwBvhmIudFz5GLRg1ancIqId5uGU43jxhJWngUGyksjI33ktcdOVDLBj4DS8nYyo9yDHUw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
destination
www.googletagmanager.com/gtag/ 		244 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-757417499&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PDVVF8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::61 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5625a6da92a972f82d452142f8a8693d6b23b079563e1c17da79221943c6660d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
88807
x-xss-protection
0
last-modified
Tue, 30 Jul 2024 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jul 2024 08:26:35 GMT
00e31e20-d2de-0139-b82a-06a60fe5fe77
tag.simpli.fi/sifitag/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.simpli.fi/sifitag/00e31e20-d2de-0139-b82a-06a60fe5fe77
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5PDVVF8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
763a5ee6dc13c65468d8521184e5f2a0600e776f197125935f070424c3f8c40f

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:35 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id
F-bwL9_1Kr0Khw8nXqHD
expires
Thu, 01 Jan 1970 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/757417499/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/757417499/?random=1722327995879&cv=11&fst=1722327995879&bg=ffffff&guid=ON&async=1&gtm=45be47t0z8812452162za201zb812452162&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&hn=www.googleadservices.com&frm=0&tiba=Gavin%20Degraw%20%26%20Colbie%20Caillat%20-%20Together%20Live%20%7C%20Pala%20Casino%20Spa%20Resort&npa=0&pscdl=noapi&auid=83968268.1722327996&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-757417499&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.179.157 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
pd-in-f157.1e100.net
Software
cafe /
Resource Hash
2d10d2f5a024c25fccdc6365d98d19046ca4a109ccd0ae067df5e4eeb894cdc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:36 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1421
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
analytics.google.com/g/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-EREH6L1JQD&gtm=45je47t0v879343952z8812452162za200zb812452162&_p=1722327995220&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tag_exp=95250752&cid=1868574455.1722327996&ul=en-us&sr=1600x1200&_ng=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1722327995&sct=1&seg=0&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&dt=Gavin%20Degraw%20%26%20Colbie%20Caillat%20-%20Together%20Live%20%7C%20Pala%20Casino%20Spa%20Resort&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1264
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EREH6L1JQD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c0f::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://palacasino.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
244 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&_ng=1&tid=G-EREH6L1JQD&cid=1868574455.1722327996&gtm=45je47t0v879343952z8812452162za200zb812452162&aip=1&dma=0&gcd=13l3l3l3l1&npa=0&frm=0&tag_exp=95250752
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-EREH6L1JQD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c04::9a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://palacasino.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
97019268.js
bat.bing.com/p/action/ 		334 B
405 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bat.bing.com/p/action/97019268.js
Requested by
Host: bat.bing.com
URL: https://bat.bing.com/bat.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
0170197caffee3d73fe659b2b65d4c50b88310d98752d7dba0e7988e7dfe4376
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
br
date
Tue, 30 Jul 2024 08:26:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 68BC5DAD01094EEC93A7F63308B18AA5 Ref B: MIAEDGE1713 Ref C: 2024-07-30T08:26:35Z
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
content-type
application/javascript; charset=utf-8
cache-control
private,max-age=1800
collect
www.google-analytics.com/j/ 		3 B
207 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1526213727&t=pageview&_s=1&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&ul=en-us&de=UTF-8&dt=Gavin%20Degraw%20%26%20Colbie%20Caillat%20-%20Together%20Live%20%7C%20Pala%20Casino%20Spa%20Resort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=638014480&gjid=1132602238&cid=1868574455.1722327996&tid=UA-144128428-1&_gid=2118624933.1722327996&_r=1&_slc=1&gtm=45He47t0n815PDVVF8v812452162za200&gcd=13l3l3l3l1&dma=0&tag_exp=95250753&z=1391774677
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:400d:c07::8a Morganton, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://palacasino.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
899727241297326
connect.facebook.net/signals/config/ 		66 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/899727241297326?v=2.9.162&r=stable&domain=palacasino.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f003:c0e:face:b00c:0:3 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c56bc521191afc0105f21cbd7b3f168e59da46088b26dd6802f92dcb97ac0ba4
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jul 2024 08:26:36 GMT
document-policy
force-load-at-top
x-fb-server-load
39
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=65, mss=1297, tbw=64192, tp=-1, tpl=-1, uplat=40, ullat=1
pragma
public
x-fb-debug
HxUL6UuWR7pwHFloIQ6aZjIRAEBeOMLPZalCiFrYmUDgSROz4gsBnTyg1bNxiZ+//oBzrHe4jvlrxX9H1qX2gA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/757417499/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/757417499/?random=1722327995879&cv=11&fst=1722326400000&bg=ffffff&guid=ON&async=1&gtm=45be47t0z8812452162za201zb812452162&gcd=13l3l3l3l1&dma=0&tag_exp=95250752&u_w=1600&u_h=1200&url=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&hn=www.googleadservices.com&frm=0&tiba=Gavin%20Degraw%20%26%20Colbie%20Caillat%20-%20Together%20Live%20%7C%20Pala%20Casino%20Spa%20Resort&npa=0&pscdl=noapi&auid=83968268.1722327996&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fdr=QA&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwDaQooLBXmGY5iX_OD9fOAiDqH9M1la69BTYw&random=421262820&rmt_tld=0&ipr=y
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
173.194.204.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:36 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
0
bat.bing.com/action/ 		0
359 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bat.bing.com/action/0?ti=97019268&tm=gtm002&Ver=2&mid=4fd484ed-7fe3-438b-befd-45dd85822ad9&sid=6f9f74404e4d11ef8868ffa584057ed6&vid=6f9f9c804e4d11ef85b34f9bcdd260a7&vids=1&msclkid=N&pi=918639831&lg=en-US&sw=1600&sh=1200&sc=24&tl=Gavin%20Degraw%20%26%20Colbie%20Caillat%20-%20Together%20Live%20%7C%20Pala%20Casino%20Spa%20Resort&p=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&r=&lt=618&evt=pageLoad&sv=1&cdb=AQcR&rn=391722
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:c11::237 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 30 Jul 2024 08:26:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 215CE7D1386C4851882F6798D0EDE9CB Ref B: MIAEDGE1713 Ref C: 2024-07-30T08:26:36Z
x-cache
CONFIG_NOCACHE
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
expires
Fri, 01 Jan 1990 00:00:00 GMT
2252047931681243
connect.facebook.net/signals/config/ 		23 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2252047931681243?v=2.9.162&r=stable&domain=palacasino.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C127%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C120%2C223%2C157%2C113%2C129%2C117%2C146
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
2436f407056e04d9c8753aec7e9ed9821ae22d0b92075edb9698a42ac6d6433c
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jul 2024 08:26:36 GMT
document-policy
force-load-at-top
x-fb-server-load
44
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=23, mss=1232, tbw=4315, tp=9, tpl=0, uplat=58, ullat=0
pragma
public
x-fb-debug
nwmJYxJt31Izsytgt8DUcW5Iyn1qbhfDfZVnOI9ZoIB0l+4L6OMtI9JliEaKNXU1E4Sv+Yod1wiuC5OTgWwzzA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=899727241297326&ev=PageView&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&rl=&if=false&ts=1722327996419&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1722327996416.457487833769915559&cs_est=true&ler=empty&cdl=API_unavailable&it=1722327996061&coo=false&tm=1&rqm=GET
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=10, mss=1297, tbw=2816, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Jul 2024 08:26:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=899727241297326&ev=PageView&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&rl=&if=false&ts=1722327996419&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1722327996416.457487833769915559&cs_est=true&ler=empty&cdl=API_unavailable&it=1722327996061&coo=false&tm=1&rqm=FGET
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 30 Jul 2024 08:26:36 GMT
document-policy
force-load-at-top
x-fb-server-load
61
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397342416984384313", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=21, mss=1297, tbw=7859, tp=-1, tpl=-1, uplat=151, ullat=0
pragma
no-cache
x-fb-debug
5/yFa/0ubtCScMTuufTnnvOHPdPuHHUS3fyKpCSORSyW72g7+OAqqTarueZ/JvyzzYCtY8lYQemkmuxkzMeSwQ==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397342416984384313"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
239232771259260
connect.facebook.net/signals/config/ 		22 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/239232771259260?v=2.9.162&r=stable&domain=palacasino.com&hme=e67e7d148043b3a377ad0eb1c82669792a67ba5e3bb5734b69e611ae38f939ca&ex_m=68%2C115%2C102%2C106%2C59%2C3%2C95%2C67%2C15%2C92%2C85%2C49%2C52%2C163%2C166%2C178%2C174%2C175%2C177%2C28%2C96%2C51%2C74%2C176%2C158%2C161%2C171%2C172%2C179%2C124%2C39%2C33%2C136%2C14%2C48%2C184%2C183%2C126%2C17%2C38%2C1%2C41%2C63%2C64%2C65%2C69%2C89%2C16%2C13%2C91%2C88%2C87%2C103%2C50%2C105%2C37%2C104%2C29%2C25%2C159%2C162%2C133%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C55%2C60%2C62%2C72%2C97%2C26%2C73%2C8%2C7%2C77%2C46%2C20%2C99%2C98%2C100%2C93%2C9%2C19%2C18%2C82%2C54%2C80%2C32%2C71%2C0%2C90%2C31%2C79%2C84%2C45%2C44%2C83%2C36%2C4%2C86%2C78%2C42%2C34%2C81%2C2%2C35%2C61%2C40%2C101%2C43%2C76%2C66%2C107%2C58%2C57%2C30%2C94%2C56%2C53%2C47%2C75%2C70%2C23%2C108%2C190%2C189%2C191%2C196%2C197%2C198%2C194%2C186%2C125%2C127%2C155%2C185%2C187%2C116%2C149%2C138%2C143%2C180%2C122%2C222%2C109%2C120%2C223%2C157%2C113%2C129%2C117%2C146%2C121
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
31.13.66.19 Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-01-iad3.fbcdn.net
Software
/
Resource Hash
f90f27178af4250a102768d6c3f1218a2c855e3f65c5edd9a8b1502794991056
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src 'self' data: blob: *;script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' https://*.google-analytics.com;img-src 'self' data: blob: * https://*.google-analytics.com;block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 30 Jul 2024 08:26:36 GMT
document-policy
force-load-at-top
x-fb-server-load
37
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=53, rtx=0, c=28, mss=1232, tbw=10011, tp=15, tpl=0, uplat=63, ullat=0
pragma
public
x-fb-debug
HCRXkOGROfmm1er4E/KmY4UerC2fXUxhgWo/IPZeo6Ti8K06c2CdEMV0a8mlVTARnFuA55YUyfne5xDQ3FPBng==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=899727241297326&ev=PageView&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&rl=&if=false&ts=1722327996541&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1722327996416.457487833769915559&cs_est=true&ler=empty&cdl=API_unavailable&it=1722327996061&coo=false&rqm=GET
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=10, mss=1297, tbw=3225, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Jul 2024 08:26:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
851 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=899727241297326&ev=PageView&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&rl=&if=false&ts=1722327996541&sw=1600&sh=1200&v=2.9.162&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=4126&fbp=fb.1.1722327996416.457487833769915559&cs_est=true&ler=empty&cdl=API_unavailable&it=1722327996061&coo=false&rqm=FGET
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 30 Jul 2024 08:26:36 GMT
document-policy
force-load-at-top
x-fb-server-load
54
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397342417796317952", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=19, mss=1297, tbw=6775, tp=-1, tpl=-1, uplat=87, ullat=0
pragma
no-cache
x-fb-debug
BL85Ez8wkBpRUUJdHX5yDNtgYtR+tk4hTtwUcdQF7jQfzO/RzvGZbqB5PiIIfkRe0CTCzOE9Yb1fh2CZsF/kHw==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397342417796317952"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2252047931681243&ev=PageView&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&rl=&if=false&ts=1722327996542&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722327996416.457487833769915559&ler=empty&cdl=API_unavailable&it=1722327996061&coo=false&rqm=GET
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=56, rtx=0, c=10, mss=1297, tbw=3336, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Jul 2024 08:26:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=2252047931681243&ev=PageView&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&rl=&if=false&ts=1722327996542&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722327996416.457487833769915559&ler=empty&cdl=API_unavailable&it=1722327996061&coo=false&rqm=FGET
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 30 Jul 2024 08:26:36 GMT
document-policy
force-load-at-top
x-fb-server-load
49
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397342417883872824", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=55, rtx=0, c=19, mss=1297, tbw=3487, tp=-1, tpl=-1, uplat=85, ullat=0
pragma
no-cache
x-fb-debug
aRNr8ZMVZ/vlv2Ewh1aXS8uLTmVr37Q8HvEJYR3R5lvYfem8pjIYpBuTpP3Mj7n2of3aO3J9iG8qBvh3Jd24yQ==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397342417883872824"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=239232771259260&ev=PageView&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&rl=&if=false&ts=1722327996665&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722327996416.457487833769915559&ler=empty&cdl=API_unavailable&it=1722327996061&coo=false&rqm=GET
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

x-fb-connection-quality
GOOD; q=0.7, rtt=60, rtx=0, c=21, mss=1297, tbw=7718, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 30 Jul 2024 08:26:36 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 		67 B
849 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=239232771259260&ev=PageView&dl=https%3A%2F%2Fpalacasino.com%2Fevents%2Fgavin-degraw-colbie-caillat&rl=&if=false&ts=1722327996665&sw=1600&sh=1200&v=2.9.162&r=stable&ec=0&o=4126&fbp=fb.1.1722327996416.457487833769915559&ler=empty&cdl=API_unavailable&it=1722327996061&coo=false&rqm=FGET
Requested by
Host: palacasino.com
URL: https://palacasino.com/events/gavin-degraw-colbie-caillat
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f103:83:face:b00c:0:25de Ashburn, United States, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval' https://*.google-analytics.com *.google.com;style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline' https://fonts.googleapis.com;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com https://*.google-analytics.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com https://fonts.gstatic.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://*.google-analytics.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/ https://www.googleadservices.com https://googleads.g.doubleclick.net https://www.google.com https://td.doubleclick.net *.google.com *.doubleclick.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding
zstd
x-content-type-options
nosniff
strict-transport-security
max-age=15552000; preload
date
Tue, 30 Jul 2024 08:26:36 GMT
document-policy
force-load-at-top
x-fb-server-load
64
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7397342417635962643", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
GOOD; q=0.7, rtt=59, rtx=0, c=21, mss=1297, tbw=8960, tp=-1, tpl=-1, uplat=52, ullat=0
pragma
no-cache
x-fb-debug
zhu6NbngWkPEqy5zBsUsjCkW/MDC0hkewMO5oIg5GRfwSfmJsVta/J+ey/jTDmrqxVRdI4p/gGZO1BO3qbmp0w==
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7397342417635962643"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
image/png
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
private, no-store, no-cache, must-revalidate
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires
Sat, 01 Jan 2000 00:00:00 GMT
0j0ggglm.json
cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/ 		44 B
334 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/0j0ggglm.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
286d82fe6d084769a7d0ae0de0f4c06e5e535735166d77dbc64817b046ea8c5f

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 16:02:54 GMT
server
cloudflare
age
937
etag
W/"2c-61e64fe68ea6d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8ab3f6fc58a6a518-MIA
p
i.simpli.fi/ 		809 B
770 B 		Script
General
Check archive.org
Download Go to
Full URL
https://i.simpli.fi/p?cid=329430&cb=sifi_att_2568878174775156._hp
Requested by
Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/00e31e20-d2de-0139-b82a-06a60fe5fe77
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.86.70.109 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
109.70.86.34.bc.googleusercontent.com
Software
openresty /
Resource Hash
619a56cdb430b8655b21d6beb66789b6c156cd8635881a1e6406ca603e84d87a

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:36 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires
Thu, 01 Jan 1970 00:00:00 GMT
a
www.googletagmanager.com/ 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.googletagmanager.com/a?v=3&t=l&pid=503642142&rv=47t0&u=AAAAAAAIAAAAACA&h=Ag&gtm=45be47t0za201zb812452162&ccid=siloed__AW-757417499&cid=siloed_AW-757417499&l=L533.S21.B16.E916.I616.EC5.TC4.HTC0~gtm.init.S0.V0.E79.TS5ccdadslast.TI6.TE0.TS5ccdpreautopii.TI7.TE0.TS5ccdadsfirst.TI8.TE0~gtm.js.S0.V0.E76.TS5rep.TI1.TE0~gtm.dom.S0.V0.E5~gtm.load.S0.V0.E1~gtm.init_consent.S2.V1.E20~AWCT665
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.222.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qi-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:36 GMT
server
Google Tag Manager
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
61f08c20c9a56611cf818a24_favicon.png
cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/ 		2 KB
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.website-files.com/61577aba7d7d49c52dd2e764/61f08c20c9a56611cf818a24_favicon.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.28.203 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23f942eee8a37d3680b7e66c27c3d232fee4f6f956fe2f5203bc85c2d6083e28

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:36 GMT
x-amz-version-id
em1p_d6cVrLE2Ga__OhxH_5mZ66gQCFc
cf-cache-status
HIT
x-amz-request-id
7HYBWEZ47A398QB8
age
5158784
x-amz-server-side-encryption
AES256
alt-svc
h3=":443"; ma=86400
content-length
2152
x-amz-id-2
NbaC3W0gm5LhmoVXvII6f3rzl9TsbIcBxWnT8MnmXS8pdelgztEugL35F3aQP7OT3/AV9uE0+S4=
last-modified
Tue, 25 Jan 2022 23:47:45 GMT
server
cloudflare
etag
"014b63af46867a3a77056ae4649ed659"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=31536000, must-revalidate
accept-ranges
bytes
cf-ray
8ab3f6fbfdd0db09-MIA
dcm
s.amazon-adsystem.com/
Redirect Chain
  • https://um.simpli.fi/smaato
  • https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=9B2E006A12384AEE85FBF567D177AE2F
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a75823e112&gdpr=0&gdpr_consent=
  • https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a75823e112&gdpr=0&gdpr_consent=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a75823e112&gdpr=0&gdpr_consent=&dcc=t
Protocol
HTTP/1.1
Server
52.46.155.104 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Jul 2024 08:26:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
V75KS0CS96JXGAJ217H0
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 30 Jul 2024 08:26:37 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
JV1C1ENTRT5QS8WFC7ST
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=6c6fd2c8-c9f3-4a37-9a77-029dc3cc98b3&id=a75823e112&gdpr=0&gdpr_consent=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
RX-81ea601a-ad84-47b8-b00e-202dfc1a2f46-005
sync.targeting.unrulymedia.com/csync/
Redirect Chain
  • https://um.simpli.fi/nexxen
  • https://sync.1rx.io/usersync/simplifi/9B2E006A12384AEE85FBF567D177AE2F
  • https://sync.1rx.io/usersync/simplifi/9B2E006A12384AEE85FBF567D177AE2F?zcc=1&cb=1722327997197
  • https://sync.targeting.unrulymedia.com/csync/RX-81ea601a-ad84-47b8-b00e-202dfc1a2f46-005
43 B
378 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-81ea601a-ad84-47b8-b00e-202dfc1a2f46-005
Protocol
H2
Server
69.194.240.13 , United States, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
content-length
43
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

content-type
text/html
pragma
no-cache
date
Tue, 30 Jul 2024 08:26:40 GMT
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-81ea601a-ad84-47b8-b00e-202dfc1a2f46-005
expires
0
xuid
eb2.3lift.com/
Redirect Chain
  • https://um.simpli.fi/triplelift
  • https://eb2.3lift.com/xuid?mid=7969&xuid=9B2E006A12384AEE85FBF567D177AE2F&dongle=yf3
  • https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=9B2E006A12384AEE85FBF567D177AE2F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
37 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=9B2E006A12384AEE85FBF567D177AE2F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
35.71.139.29 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
afb83dd09526a6517.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
date
Tue, 30 Jul 2024 08:26:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

location
/xuid?ld=1&mid=7969&xuid=9B2E006A12384AEE85FBF567D177AE2F&dongle=yf3&gdpr=0&cmp_cs=&us_privacy=
date
Tue, 30 Jul 2024 08:26:37 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
simplifi.partners.tremorhub.com/
Redirect Chain
  • https://um.simpli.fi/telaria_p
  • https://simplifi.partners.tremorhub.com/sync?UISF=9B2E006A12384AEE85FBF567D177AE2F
43 B
175 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simplifi.partners.tremorhub.com/sync?UISF=9B2E006A12384AEE85FBF567D177AE2F
Protocol
H2
Server
2600:1f18:612b:4200:f1a7:5f86:cb95:d987 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 30 Jul 2024 08:26:37 GMT
server
nginx
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://simplifi.partners.tremorhub.com/sync?UISF=9B2E006A12384AEE85FBF567D177AE2F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 29 Jul 2024 08:26:37 GMT
check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain
  • https://um.simpli.fi/tapad
  • https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=9B2E006A12384AEE85FBF567D177AE2F
  • https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9B2E006A12384AEE85FBF567D177AE2F
95 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9B2E006A12384AEE85FBF567D177AE2F
Protocol
H2
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=9B2E006A12384AEE85FBF567D177AE2F
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
empty.gif
um.simpli.fi/
Redirect Chain
  • https://um.simpli.fi/ad_advisor
  • https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=9B2E006A12384AEE85FBF567D177AE2F
  • https://d.agkn.com/pixel/10751/?che=1722327997254&ip=38.132.118.75&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D213200604959005772057
  • https://um.simpli.fi/aa_px?sk=213200604959005772057
  • https://um.simpli.fi/empty.gif
43 B
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/empty.gif
Protocol
H2
Server
35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
159.66.194.35.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
/empty.gif
access-control-allow-origin
*
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain
  • https://um.simpli.fi/intentiq
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9B2E006A12384AEE85FBF567D177AE2F
0
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9B2E006A12384AEE85FBF567D177AE2F
Protocol
H2
Server
2600:9000:2073:d200:1b:6b7d:2300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
via
1.1 d01a0cfc47d6e412dd81c986ff5d69da.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD50-C2
x-cache
Miss from cloudfront
content-type
text/html
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Sk_rQNToPfPfnbt3hPzQ-o5v3rS7D1rntoOinPiVpezOIn_9zo5V9A==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=9B2E006A12384AEE85FBF567D177AE2F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 29 Jul 2024 08:26:37 GMT
Pug
image2.pubmatic.com/AdServer/
Redirect Chain
  • https://um.simpli.fi/pubmatic
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9B2E006A12384AEE85FBF567D177AE2F
42 B
551 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9B2E006A12384AEE85FBF567D177AE2F
Protocol
H2
Server
104.36.113.107 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Tue, 30 Jul 2024 08:26:36 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
content-type
image/gif; charset=utf-8

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTgwNiZ0bD01MTg0MDA=&piggybackCookie=uid:9B2E006A12384AEE85FBF567D177AE2F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 29 Jul 2024 08:26:37 GMT
user-registering
ads.stickyadstv.com/
Redirect Chain
  • https://um.simpli.fi/freewheel
  • https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=9B2E006A12384AEE85FBF567D177AE2F
43 B
653 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=9B2E006A12384AEE85FBF567D177AE2F
Protocol
HTTP/1.1
Server
63.251.28.210 Secaucus, United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Jul 2024 08:26:37 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
x-sticky-vk
1722327997360063-297

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://ads.stickyadstv.com/user-registering?dataProviderId=753&userId=9B2E006A12384AEE85FBF567D177AE2F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 29 Jul 2024 08:26:37 GMT
engine
pbid.pro-market.net/
Redirect Chain
  • https://um.simpli.fi/dtnx
  • https://fei.pro-market.net/engine?du=24;csync=9B2E006A12384AEE85FBF567D177AE2F;mimetype=img;
  • https://fei.pro-market.net/engine?du=24;csync=9B2E006A12384AEE85FBF567D177AE2F;mimetype=img;sr
  • https://cms.analytics.yahoo.com/cms?partner_id=DATCS
  • https://ups.analytics.yahoo.com/ups/58726/cms?partner_id=DATCS
  • https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-Fqa1uxJE2pSsjmZPiSEgTWEwbgMRDhvB7LE-~A
43 B
392 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-Fqa1uxJE2pSsjmZPiSEgTWEwbgMRDhvB7LE-~A
Protocol
H2
Server
2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
via
1.1 google
server
Apache-Coyote/1.1
anserver
gapp1
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
*
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
content-length
43
expires
Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

location
https://pbid.pro-market.net/engine?du=81&mimetype=img&csync=y-Fqa1uxJE2pSsjmZPiSEgTWEwbgMRDhvB7LE-~A
date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.121
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
/
loadm.exelator.com/load/
Redirect Chain
  • https://um.simpli.fi/exelatem
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=9B2E006A12384AEE85FBF567D177AE2F&j=0
  • https://loadm.exelator.com/load/?p=204&g=2191&simid=9B2E006A12384AEE85FBF567D177AE2F&j=0&xl8blockcheck=1
0
767 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadm.exelator.com/load/?p=204&g=2191&simid=9B2E006A12384AEE85FBF567D177AE2F&j=0&xl8blockcheck=1
Protocol
H2
Server
34.229.3.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-229-3-43.compute-1.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location
https://loadm.exelator.com/load/?p=204&g=2191&simid=9B2E006A12384AEE85FBF567D177AE2F&j=0&xl8blockcheck=1
content-type
image/gif
cache-control
no-cache
access-control-allow-credentials
true
content-length
0
sync
ups.analytics.yahoo.com/ups/55964/
Redirect Chain
  • https://um.simpli.fi/yahoo
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=9B2E006A12384AEE85FBF567D177AE2F
  • https://ups.analytics.yahoo.com/ups/55964/sync?uid=9B2E006A12384AEE85FBF567D177AE2F&verify=true
0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55964/sync?uid=9B2E006A12384AEE85FBF567D177AE2F&verify=true
Protocol
H2
Server
34.200.65.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-200-65-202.compute-1.amazonaws.com
Software
ATS/9.1.10.121 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.121
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/55964/sync?uid=9B2E006A12384AEE85FBF567D177AE2F&verify=true
date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.121
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
sync.bfmio.com/
Redirect Chain
  • https://um.simpli.fi/beachfront
  • https://sync.bfmio.com/sync?pid=141&uid=9B2E006A12384AEE85FBF567D177AE2F
0
421 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.bfmio.com/sync?pid=141&uid=9B2E006A12384AEE85FBF567D177AE2F
Protocol
HTTP/1.1
Server
52.201.36.253 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-201-36-253.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Date
Tue, 30 Jul 2024 08:26:36 GMT

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://sync.bfmio.com/sync?pid=141&uid=9B2E006A12384AEE85FBF567D177AE2F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 29 Jul 2024 08:26:37 GMT
29931
stags.bluekai.com/site/
Redirect Chain
  • https://um.simpli.fi/bluekai
  • https://stags.bluekai.com/site/29931?id=9B2E006A12384AEE85FBF567D177AE2F
62 B
480 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stags.bluekai.com/site/29931?id=9B2E006A12384AEE85FBF567D177AE2F
Protocol
H2
Server
23.39.185.111 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-39-185-111.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-type
image/gif
date
Tue, 30 Jul 2024 08:26:37 GMT
content-length
62
x-request-id
de292d9c2f44f2303c53fcb32349e88e
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://stags.bluekai.com/site/29931?id=9B2E006A12384AEE85FBF567D177AE2F
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 29 Jul 2024 08:26:37 GMT
tpid=9B2E006A12384AEE85FBF567D177AE2F
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain
  • https://um.simpli.fi/crwdcntrl
  • https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=9B2E006A12384AEE85FBF567D177AE2F
  • https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9B2E006A12384AEE85FBF567D177AE2F
49 B
543 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9B2E006A12384AEE85FBF567D177AE2F
Protocol
H2
Server
107.23.203.136 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-107-23-203-136.compute-1.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.40.1.133
content-length
49
expires
0

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=9B2E006A12384AEE85FBF567D177AE2F
cache-control
no-cache
x-server
10.40.0.117
content-length
0
expires
0
merge
ce.lijit.com/
Redirect Chain
  • https://um.simpli.fi/lj_match
  • https://ce.lijit.com/merge?pid=2&3pid=9B2E006A12384AEE85FBF567D177AE2F
  • https://ce.lijit.com/merge?pid=2&3pid=9B2E006A12384AEE85FBF567D177AE2F&dnr=1
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ce.lijit.com/merge?pid=2&3pid=9B2E006A12384AEE85FBF567D177AE2F&dnr=1
Protocol
H2
Server
44.205.172.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-205-172-22.compute-1.amazonaws.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
content-type
image/gif
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
43
expires
Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
vary
Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://ce.lijit.com/merge?pid=2&3pid=9B2E006A12384AEE85FBF567D177AE2F&dnr=1
cache-control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
content-length
0
expires
Fri, 20 Mar 2009 00:00:00 GMT
db_sync
px.ads.linkedin.com/
Redirect Chain
  • https://um.simpli.fi/liveramp_match
  • https://idsync.rlcdn.com/419566.gif?partner_uid=9B2E006A12384AEE85FBF567D177AE2F
  • https://idsync.rlcdn.com/1000.gif?memo=CO7NGRIrCicIARDuJBogOUIyRTAwNkExMjM4NEFFRTg1RkJGNTY3RDE3N0FFMkYQABoNCL3HorUGEgUI6AcQAEIASgA
  • https://pippio.com/api/sync?pid=5324&it=1&iv=f404987bda0b027dc189c518aa3ab0c0be5972fbcf0b7b9d280b5878daa0d974791426b5417dce21&_=2
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f404987bda0b027dc189c518aa3ab0c0be5972fbcf0b7b9d280b5878daa0d974791426b5417dce21&rand=01540034
  • https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f404987bda0b027dc189c518aa3ab0c0be5972fbcf0b7b9d280b5878daa0d974791426b5417dce21&rand=01540034&expected_cookie=6e9d9b8f-bff4-4289-878c-9703177b530a
0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/db_sync?pid=10339&puuid=f404987bda0b027dc189c518aa3ab0c0be5972fbcf0b7b9d280b5878daa0d974791426b5417dce21&rand=01540034&expected_cookie=6e9d9b8f-bff4-4289-878c-9703177b530a
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 37A5F1027F83477FB22925F134638245 Ref B: MIAEDGE2121 Ref C: 2024-07-30T08:26:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYecrx/3MlTx+vkKGdGgw==

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 9670BE5D6ABD44219442989E882448A2 Ref B: MIAEDGE2121 Ref C: 2024-07-30T08:26:37Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
location
/db_sync?pid=10339&puuid=f404987bda0b027dc189c518aa3ab0c0be5972fbcf0b7b9d280b5878daa0d974791426b5417dce21&rand=01540034&expected_cookie=6e9d9b8f-bff4-4289-878c-9703177b530a
x-li-proto
http/2
content-length
0
x-li-uuid
AAYecrx91mVZm/u8W4VDUA==
/
www.google.com/pagead/1p-conversion/1026675585/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/1026675585/?random=1722327996818&cv=7&fst=1722327996818&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1475270169&cv=7&fst=1722327996818&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLH...
  • https://www.google.com/pagead/1p-conversion/1026675585/?random=1475270169&cv=7&fst=1722327996818&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&psc...
42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-conversion/1026675585/?random=1475270169&cv=7&fst=1722327996818&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMInbXG46vOhwMVZFJHAR2XawC9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3BhbGFjYXNpbm8uY29tLw&is_vtc=1&cid=CAQSKQDaQooLycVKoosO4Gn8PPy-mBP1FK1D_DK0YOhvcwv8EvJjRR5buEL0&random=3004985764
Protocol
H3
Server
173.194.204.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
qb-in-f106.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://www.google.com/pagead/1p-conversion/1026675585/?random=1475270169&cv=7&fst=1722327996818&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&crd=CLHBsQIIsMGxAgi5wbEC&pscrd=IhMInbXG46vOhwMVZFJHAR2XawC9MgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAsyAggVMgIIHzICCBMyAggSOhdodHRwczovL3BhbGFjYXNpbm8uY29tLw&is_vtc=1&cid=CAQSKQDaQooLycVKoosO4Gn8PPy-mBP1FK1D_DK0YOhvcwv8EvJjRR5buEL0&random=3004985764
content-type
image/gif
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
spotx_match
um.simpli.fi/ 		0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/spotx_match
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
159.66.194.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
bounce
ib.adnxs.com/
Redirect Chain
  • https://um.simpli.fi/an
  • https://ib.adnxs.com/setuid?entity=66&code=9B2E006A12384AEE85FBF567D177AE2F
  • https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9B2E006A12384AEE85FBF567D177AE2F
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9B2E006A12384AEE85FBF567D177AE2F
Protocol
H2
Server
68.67.179.155 North Bergen, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
an-x-request-uuid
cd053ff2-03d9-41b5-9eb0-8ff40e0f9154
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
38.132.118.75; 38.132.118.75; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
an-x-request-uuid
ba0fb8a6-e10a-4fc4-bd6c-aeb34b3644e9
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
location
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3D9B2E006A12384AEE85FBF567D177AE2F
cache-control
no-store, no-cache, private
x-proxy-origin
38.132.118.75; 38.132.118.75; 579.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
tap.php
pixel.rubiconproject.com/
Redirect Chain
  • https://um.simpli.fi/rb_match
  • https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9B2E006A12384AEE85FBF567D177AE2F&expires=365
42 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9B2E006A12384AEE85FBF567D177AE2F&expires=365
Protocol
HTTP/1.1
Server
69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
b5ba23d75d0dcd35432b720d73e3149b
Expires
0

Redirect headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
server
openresty
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
location
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=9B2E006A12384AEE85FBF567D177AE2F&expires=365
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
142
expires
Mon, 29 Jul 2024 08:26:37 GMT
sd
us-u.openx.net/w/1.0/
Redirect Chain
  • https://um.simpli.fi/ox_match
  • https://us-u.openx.net/w/1.0/sd?id=537072966&val=9B2E006A12384AEE85FBF567D177AE2F
  • https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=9B2E006A12384AEE85FBF567D177AE2F
43 B
171 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=9B2E006A12384AEE85FBF567D177AE2F
Protocol
H2
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072966&val=9B2E006A12384AEE85FBF567D177AE2F
date
Tue, 30 Jul 2024 08:26:37 GMT
via
1.1 google
server
OXGW/0.0.0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
p3p
CP="CUR ADM OUR NOR STA NID"
g_match
um.simpli.fi/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
  • https://um.simpli.fi/g_match?id=&google_gid=CAESENIYtQ620Z6zRxkSOhzD5V4&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=9B2E006A12384AEE85FBF567D177AE2F
  • https://um.simpli.fi/g_match?id=
0
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/g_match?id=
Protocol
H2
Server
35.194.66.159 Washington, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
159.66.194.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
Mon, 29 Jul 2024 08:26:37 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Jul 2024 08:26:37 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://um.simpli.fi/g_match?id=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
229
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r--l8hDP.json
cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/config/ 		34 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/config/r--l8hDP.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a5115fa4d7b41c491ae0638bf7499f21cc3282913e22c2a272d6a97b71cf38ab

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 16:02:54 GMT
server
cloudflare
age
937
etag
W/"8699-61e64fe68fa0d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8ab3f6fc98c8a518-MIA
vpl_qKdS.json
cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/translations/ 		2 KB
941 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/translations/vpl_qKdS.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3770cfe74cb6a3273ca932aea9ebb6ca98b05390a0b428f33b61b826e2ca8bc

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 16:02:54 GMT
server
cloudflare
age
936
etag
W/"813-61e64fe6909ad"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8ab3f6fcd8f3a518-MIA
Uk3kobyZ.json
cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/audit-table/ 		13 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/audit-table/Uk3kobyZ.json
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/banner.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d35674c9eb5711c705918a2c1b6d127888076e5bed9a0dcd642bbba62d0a51b7

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:36 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 29 Jul 2024 16:02:54 GMT
server
cloudflare
age
936
etag
W/"3313-61e64fe68fa0d"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, must-revalidate, s-maxage=604800, proxy-revalidate
cf-ray
8ab3f6fd2909a518-MIA
revisit.svg
cdn-cookieyes.com/assets/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/revisit.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:40:47 GMT
server
cloudflare
age
80091
etag
W/"923-5da3a668dacc0"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
8ab3f6fd7c9e8dc4-MIA
close.svg
cdn-cookieyes.com/assets/images/ 		1 KB
772 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/close.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:40:50 GMT
server
cloudflare
age
80088
etag
W/"541-5da3a66c769d4"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
8ab3f6fd7ca08dc4-MIA
poweredbtcky.svg
cdn-cookieyes.com/assets/images/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-cookieyes.com/assets/images/poweredbtcky.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:1408 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 30 Jul 2024 08:26:37 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 15 Mar 2022 04:41:24 GMT
server
cloudflare
age
80098
etag
W/"eb2-5da3a68c50d09"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=604800, proxy-revalidate
cf-ray
8ab3f6fd7ca18dc4-MIA
log
log.cookieyes.com/api/v1/ 		2 B
152 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://log.cookieyes.com/api/v1/log
Requested by
Host: cdn-cookieyes.com
URL: https://cdn-cookieyes.com/client_data/e1b0ad010eb0629257daf283/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.51.116 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-51-116.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://palacasino.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryOZHjNMVbvZx8xcaN

Response headers

access-control-allow-origin
*
date
Tue, 30 Jul 2024 08:26:37 GMT
x-powered-by
Express
content-length
2
etag
W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
content-type
text/plain; charset=utf-8

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| WebFont object| Typekit object| cookieyes object| dataLayer object| currentdate function| $ function| jQuery function| objectFitPolyfill function| tram object| Webflow object| regeneratorRuntime function| revisitCkyConsent function| performBannerAction function| getCkyConsent function| pure_Promise object| pure_JSON object| pure_CSS function| pure_URL function| pure_fetch function| pure_Set function| pure_Map object| webpackChunkwidget object| AJS object| acsbJS object| AccessiBe object| acsb object| accessWidget object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| _fbq_gtm_ids object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal function| UET function| UET_init function| UET_push object| ueto_69ecbe85e5 object| uetq object| sifi_att_2568878174775156 object| gaplugins object| gaData function| pure_addEventListener function| pure_removeEventListener

57 Cookies

Domain/Path Name / Value
.simpli.fi/ Name: suid
Value: 9B2E006A12384AEE85FBF567D177AE2F
.bing.com/ Name: MUID
Value: 03E35271E16862AA095346BDE0D663F2
.bat.bing.com/ Name: MR
Value: 0
.simpli.fi/ Name: uid_syncd_secure
Value: true
.doubleclick.net/ Name: IDE
Value: AHWqTUkI-o3PXadwDB8Jt5ZMzX2Pk_kvP-SaGgI3erVzJflvLbMqXxAptxH5s-rh
.tapad.com/ Name: TapAd_TS
Value: 1722327997149
.tapad.com/ Name: TapAd_DID
Value: c6744124-6895-47ad-96cc-ac0d213ac8a3
.3lift.com/ Name: tluidp
Value: 298936268948578182271
.3lift.com/ Name: tluid
Value: 298936268948578182271
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-81ea601a-ad84-47b8-b00e-202dfc1a2f46-005%22%7D
.rlcdn.com/ Name: rlas3
Value: Kjy25F0xcmgCNfShlLI4DCy+16ryHfQrzJTKiilhzc0=
.smaato.net/ Name: SCM
Value: a75823e112
.smaato.net/ Name: SCMaps
Value: a75823e112
.smaato.net/ Name: SCM1001136
Value: a75823e112
.yahoo.com/ Name: A3
Value: d=AQABBL2jqGYCEPaj-YMNIghm83Kb2Xko22kFEgEBAQH1qWayZtxH0iMA_eMAAA&S=AQAAAiOat1dcb1weejkNJ699Tps
.intentiq.com/ Name: IQver
Value: 1.9
.adnxs.com/ Name: XANDR_PANID
Value: Y_bIvvTWCzKyXQ9kjq9ViIoH_01drGH0iQ1QbV7ZbVr9hl21IyfQao0Nkvm_XaW3Et90nPYo0pUnjyxIe7mM6laFogLkgAMigeooHr5z8xc.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 1511855146823729570
.lijit.com/ Name: ljt_reader
Value: JE56AQZH1J65kGh3R8ido0D0
.agkn.com/ Name: ab
Value: 0001%3AmcchWP4LeYJFgR1RKHO4TGS2DvhaDV3m
.exelator.com/ Name: EE
Value: "f3e608e2f4ae42a32a0ff5f3d289a4d5"
.openx.net/ Name: i
Value: 0bc63da1-79db-4037-8909-81da4ebc075b|1722327997
.rubiconproject.com/ Name: audit_p
Value: 1|Qvvko9Djjz/guN8Z9ZZ7GdEXzVXExRYhF0XF/SF+dxebz16xSA9sXauVE+6dsX9gCsbV3HgIk8CM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk97mK5lkDFUvf7oslwMsUVRq0QGSmWrM3gLWOKarBSjdToXJT27lMU5SpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/ Name: khaos
Value: LZ85MC19-1F-J3UW
.rubiconproject.com/ Name: khaos_p
Value: LZ85MC19-1F-J3UW
.rubiconproject.com/ Name: audit
Value: 1|Qvvko9Djjz/guN8Z9ZZ7GdEXzVXExRYhF0XF/SF+dxebz16xSA9sXauVE+6dsX9gCsbV3HgIk8CM1KxoLazIt04KBbjzRD/Y5dDZuxGLGk97mK5lkDFUvf7oslwMsUVRq0QGSmWrM3gLWOKarBSjdToXJT27lMU5SpxNqhhzGypRm99a3bMoP35/bkYCLFZe
.rubiconproject.com/ Name: receive-cookie-deprecation
Value: 1
.rlcdn.com/ Name: pxrc
Value: CL3HorUGEgUI6AcQABIFCOhHEAA=
.lijit.com/ Name: _ljtrtb_2
Value: 9B2E006A12384AEE85FBF567D177AE2F
.adnxs.com/ Name: anj
Value: dTM7k!M4.FE:2jUF']wIg2ImRs+z<G!@wnfH8KW.dG5<#Z0wSzoH(*4p'NJAGlqBjqAxgrp5c/mF)x/EH]Ud)o@m/-usJr/(j#iP(Md+>)fy*_oZ=3H
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSHNONXMwCLVKM0kMdXEKNHYKNEgLc00zTjFyMIy0STFdHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDIfEl%252BUWb6otDgxUUpaQyLSopPBZ9oTAAAxTcqvg%253D%253D"
.bfmio.com/ Name: __141_cid
Value: 9B2E006A12384AEE85FBF567D177AE2F
.bfmio.com/ Name: __io_cid
Value: 535d7c23e7fd40a6318a83d36fa0b321c788a8f7
.pubmatic.com/ Name: KRTBCOOKIE_148
Value: 19421-uid:9B2E006A12384AEE85FBF567D177AE2F&KRTB&23486-uid:9B2E006A12384AEE85FBF567D177AE2F&KRTB&23489-uid:9B2E006A12384AEE85FBF567D177AE2F&KRTB&23539-uid:9B2E006A12384AEE85FBF567D177AE2F
.pubmatic.com/ Name: PugT
Value: 1722327996
.pro-market.net/ Name: anHistory
Value: "8s555oh2y9b4+2+!#7')$E#J[0"
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 9c812114c474929e73451d8c5539e7b4
.ads.stickyadstv.com/ Name: UID
Value: 914e9a80a61384b11ccaac377b575a
.ads.stickyadstv.com/ Name: uid-bp-26865
Value: 9B2E006A12384AEE85FBF567D177AE2F
.bluekai.com/ Name: bku
Value: blx99ntM3sRQBdx0
.bluekai.com/ Name: bkpa
Value: KJy9nyexd02pSUHknp/8mE1hwtkAwEkY1ADy1ejO1E/pmeHOHDDTBDjYHMDtB6xhBp5OHEJs9y9Gwxr8
.analytics.yahoo.com/ Name: IDSYNC
Value: "176k~2ju8:19ba~2ju8"
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-81ea601a-ad84-47b8-b00e-202dfc1a2f46-005%22%7D
.amazon-adsystem.com/ Name: ad-id
Value: A6H4VI7RDUWaouSJFdpYewI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.agkn.com/ Name: u
Value: C|0AAAAAAAALjtgPQAAAAAA
.pro-market.net/ Name: anProfile
Value: "8s555oh2y9b4+1+1j=57:1+rs=s+rt=200105501D0500010000000000000005+s2=(shfgsd)+vm=24-9B2E006A12384AEE85FBF567D177AE2F:81-y-Fqa1uxJE2pSsjmZPiSEgTWEwbgMRDhvB7LE-%7EA"
.pippio.com/ Name: did
Value: HioE44KgPfFJt_De
.pippio.com/ Name: didts
Value: 1722327997
.pippio.com/ Name: nnls
Value:
.pippio.com/ Name: pxrc
Value: CL3HorUGEgYIgr0rEAA=
.linkedin.com/ Name: li_sugr
Value: 6e9d9b8f-bff4-4289-878c-9703177b530a
.linkedin.com/ Name: bcookie
Value: "v=2&02d18b7b-c062-43c7-84bb-b78e61b5165f"
.linkedin.com/ Name: lidc
Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2962:u=1:x=1:i=1722327997:t=1722414397:v=2:sig=AQEn6g2a-jj1w8reIddaI-qH8oqk9N53"

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=300
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
acsbapp.com
ads.stickyadstv.com
ajax.googleapis.com
analytics.google.com
assets.website-files.com
bat.bing.com
bcp.crwdcntrl.net
cdn-cookieyes.com
cdn.acsbapp.com
cdn.prod.website-files.com
ce.lijit.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
d.agkn.com
d3e54v103j8qbb.cloudfront.net
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
loadm.exelator.com
log.cookieyes.com
p.typekit.net
palacasino.com
pbid.pro-market.net
pippio.com
pixel.rubiconproject.com
pixel.tapad.com
px.ads.linkedin.com
s.ad.smaato.net
s.amazon-adsystem.com
simplifi.partners.tremorhub.com
stags.bluekai.com
stats.g.doubleclick.net
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
104.18.28.203
104.36.113.107
107.178.254.65
107.23.203.136
108.138.61.162
13.225.63.112
142.251.179.157
146.75.30.132
172.217.222.97
172.253.63.155
173.194.204.106
23.39.185.111
2600:1408:c400:29::17da:da49
2600:1408:c400:29::17da:da50
2600:1901:0:8eee::
2600:1f18:612b:4200:f1a7:5f86:cb95:d987
2600:9000:2073:d200:1b:6b7d:2300:93a1
2600:9000:20e2:d600:11:3b84:d200:93a1
2600:9000:2305:b000:1b:5138:8a40:93a1
2600:9000:26fa:d200:19:fc2c:a140:93a1
2606:4700:10::6816:1cc
2606:4700:10::ac43:1408
2606:4700:10::ac43:b9b
2607:f8b0:4004:c08::5f
2607:f8b0:4004:c09::61
2607:f8b0:400d:c04::9a
2607:f8b0:400d:c07::5e
2607:f8b0:400d:c07::8a
2607:f8b0:400d:c0e::5f
2607:f8b0:400d:c0f::8a
2620:1ec:21::14
2620:1ec:c11::237
2a03:2880:f003:c0e:face:b00c:0:3
2a03:2880:f103:83:face:b00c:0:25de
31.13.66.19
34.111.113.62
34.200.65.202
34.229.3.43
34.86.70.109
35.194.66.159
35.244.154.8
35.244.159.8
35.71.139.29
44.205.172.22
52.201.36.253
52.46.155.104
54.154.51.116
63.251.28.210
68.67.179.155
69.173.151.100
69.194.240.13
74.125.192.155
001d8a10f7fa65efb142212df4f00867320cda3b9ee9075d7dbe50ef090e14e0
0170197caffee3d73fe659b2b65d4c50b88310d98752d7dba0e7988e7dfe4376
0203289cdaa198c6766465dd58ea581f719b814112689e8427374b3b06a1b6a6
0418dffa2bed9a6300fed9d918f688e7f195b08f4c6f016a07f62ae48fe9609e
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c3057ce57ed38e93fb3962ca931bcbfe17d944c5d2526334461bac1cca27cf7
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ddb074f9963be8f6275c42dbd54d18625da8f91c85803121094ec81649f488b
21eb0ef1c5f416bd7837e9bcf5c0ba1b026a9d56e5aed213871957ff442cae1d
23f942eee8a37d3680b7e66c27c3d232fee4f6f956fe2f5203bc85c2d6083e28
2436f407056e04d9c8753aec7e9ed9821ae22d0b92075edb9698a42ac6d6433c
273c8613cdd2852dd5318f224d804ae6d2fc717c48d3f1dab587b6d396fb4fc8
286d82fe6d084769a7d0ae0de0f4c06e5e535735166d77dbc64817b046ea8c5f
2d10d2f5a024c25fccdc6365d98d19046ca4a109ccd0ae067df5e4eeb894cdc4
2e015eaf7cdbac1fa5bac9e96b637bfac31c42949b17ebe97de46e3e001fbf29
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3642df12f0d930d5846a96652080908eb2f383b602a95cf80d1e6227e66e1c46
38ad2454a40eddc53c689437a549462a7cd36fbb8766df6ae792b68819bd2a71
3a6742cf73c6f9e254460c909db9da18780538a2fe96fb771ab5ef47a4f3dfae
3ad6c8bd3624555dd79177efe91f0aca20e7f28597fa6b49762c27f337500d8d
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
41ff2900f974a6255f8216d74e968857ae0cff7d08280d15d7b487b20583bf3e
499ec54eb2afd103ec37505e23c6570fc7d89a0d728dde19d87a092e4a3261b4
4b0864712c6e7ca75f8c003f7bc1a9270af33d6becd4119463771593274c48d2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
50d0c1742d80ac71f4cde20e8c04d41a24806af342831f479938b527fbff0972
5614f82794197c420cba842f744597909431441e86d989662ef18c7e03673ad2
5625a6da92a972f82d452142f8a8693d6b23b079563e1c17da79221943c6660d
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
595c14bd7589b069e4570ba658cfab8850611639e8a077ca84ef263bfa4671f9
5bdeee1e71949c1a0df89565634ada34da7f0ca4e2c07c4e77da8073812654dd
5c2d662e92bcbf1a5970b97040f901031295e79a96314db8302f549003022087
5d55c2ee057e62f8ce3ae885e0a3bdd2d667119628b24bf4980f2b6cc1242149
5d7f2613330745577958d3e8ce2de7c29caa11f17a032b8758a670fa04d0c888
619a56cdb430b8655b21d6beb66789b6c156cd8635881a1e6406ca603e84d87a
7293b1876859b0fba5c4f883e7e478204444cc4d7a7a690d44caad0ebb93f0ad
75ca7c01eaa8136d970bde6ea6ae0896d2fe30febf82e7679257df6e1f8a7496
763a5ee6dc13c65468d8521184e5f2a0600e776f197125935f070424c3f8c40f
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
78cff4f513f08c8e5cb2f1a9beeae59483afadd4d61dd04aa6b95c8a0d887480
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
82692f9b640f1f9a2f059e8b301a314e7718ccb755032c793eca106b3ac48d88
8e35ad724e635f5af6f8af5028940545d05facbf20ee492648ed094094e28097
90ca30a1f9a0b327536daa464302c6c3a3db609f8fc8420072a71dbb9677ca2b
911f58b8d14bd6f73a83fd774e44bec97e896317c7093dc83e96921e64f1fbd5
92443d06835a28423649bca60e6d755e4a1bd09638443196d58e0dd1f06c827f
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
937413cbbb15fb9f6b7fc1403f06506533a8a9e496658afeff9eb468029895a4
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a049e1abe441835a2bcf35258936072189a0a52d0000c4ed2094e59d2afd189b
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a14139291495338b91c9921003dfe189b44004cf6e521c63bc897cee78544c8b
a305b32c129a84e1cf63b7db293b5e26af64a7d5d8899e0d1a529a6216d4015f
a3770cfe74cb6a3273ca932aea9ebb6ca98b05390a0b428f33b61b826e2ca8bc
a5115fa4d7b41c491ae0638bf7499f21cc3282913e22c2a272d6a97b71cf38ab
a666031ae8808f5da56f972e6e3ef6da4c16fc59bd735b18edd6763998fc4326
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
abd0c69608a1a4b0ce5f6056bc20bcf62a2a29271a4cf5e33fa1f53bf7cb19cb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c56bc521191afc0105f21cbd7b3f168e59da46088b26dd6802f92dcb97ac0ba4
c6d0284bf70d7e02523f93337303bb3be3b6b5e92ff49dba2ed848d6dfc40a37
c8356c413b566272ba50c98d4ce0546e1fce6177ceb6cf8c2a7efe0a65e085a1
ca5d7ec2026a44dbe965a225895a7db86b22d4cef3d5d68d232fa8b57d18127a
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d35674c9eb5711c705918a2c1b6d127888076e5bed9a0dcd642bbba62d0a51b7
d97b6b36138296554bbb47e6f54740a29108cd1fdd88047cad45af0917fd1608
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e13ffa988be59cbf299d7ff68f019f902b60848203ac4990819eb7e4624ee52d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eaa003d85cb77f94fcae98396e583ce01d0c375b57235402c884ef8a792b951e
ed7c487f915432d9464e2af0a83002ee93596e86e076f3c917e439e5b844d08b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
f26d787a7447cd8e79836e762287cddf6d0dd885adb37155750f689db0791f10
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f6b9eebb05461840790fc804b4590323ef12a57fe5af7fcdeed2d798e572844b
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f90f27178af4250a102768d6c3f1218a2c855e3f65c5edd9a8b1502794991056
fd2d6df4830b8c889093a8b06bf36cc105cf21da50f2248ece2ec46c29de7cb4
ffcfb87808eb068ef005bace16cc8c36fed7334a86d9f875a7525fc3ea79e356