www.downtowngrand.com Open in urlscan Pro
104.18.160.83 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.downtowngrand.com/
Effective URL:
https://www.downtowngrand.com/
Submission: On November 18 via api (November 18th 2023, 10:41:18 pm UTC) from US — Scanned from DE

Summary HTTP 128 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 47 IPs in 7 countries across 44 domains to perform 128 HTTP transactions. The main IP is 104.18.160.83, located in and belongs to CLOUDFLARENET, US. The main domain is www.downtowngrand.com.
TLS certificate: Issued by GTS CA 1P5 on October 9th 2023. Valid for: 3 months.

This is the only time www.downtowngrand.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 21	104.18.160.83 104.18.160.83	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:4416	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
4	2600:9000:225... 2600:9000:225b:7600:b:4a4a:a7c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2 2	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2600:9000:225... 2600:9000:225b:fc00:1:279d:1d40:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6810:c218	13335 (CLOUDFLAR...) (CLOUDFLARENET)
16	2600:9000:26d... 2600:9000:26da:da00:5:8193:8e40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	44.238.236.15 44.238.236.15	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:3965	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:e2:... 2606:4700:e2::ac40:8a05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
5	2a03:2880:f08... 2a03:2880:f080:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 2	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	18.173.187.96 18.173.187.96	16509 (AMAZON-02) (AMAZON-02)
2	35.204.89.238 35.204.89.238	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0a::9d	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1 5	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
1	18.196.55.188 18.196.55.188	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:a453	13335 (CLOUDFLAR...) (CLOUDFLARENET)
17	2a03:2880:f17... 2a03:2880:f173:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	23.45.238.237 23.45.238.237	16625 (AKAMAI-AS) (AKAMAI-AS)
19 25	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2600:9000:237... 2600:9000:237d:7800:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
2 3	46.228.174.117 46.228.174.117	56396 (AMOBEE) (AMOBEE)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:7574:b4b8:a72d:d165	14618 (AMAZON-AES) (AMAZON-AES)
1 2	34.111.113.62 34.111.113.62	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	52.213.93.159 52.213.93.159	16509 (AMAZON-02) (AMAZON-02)
1 1	3.123.116.199 3.123.116.199	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.13 99.84.88.13	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3 3	216.58.212.130 216.58.212.130	15169 (GOOGLE) (GOOGLE)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	52.22.242.5 52.22.242.5	14618 (AMAZON-AES) (AMAZON-AES)
1	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	176.34.182.11 176.34.182.11	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	37.252.171.21 37.252.171.21	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
128	47

21 104.18.160.83 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.downtowngrand.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:4416 (United States)

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:225b:7600:b:4a4a:a7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

frontend.cdn.tambourine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3121::3 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

widgets.gtsgig.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225b:fc00:1:279d:1d40:93a1 (United States)

ASN16509 (AMAZON-02, US)

forge.gtsgapps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:c218 (United States)

ASN13335 (CLOUDFLARENET, US)

frontend.tambo.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2600:9000:26da:da00:5:8193:8e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

symphony.cdn.tambourine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.236.15 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-238-236-15.us-west-2.compute.amazonaws.com

contact-api.inguest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:3965 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e2::ac40:8a05 (United States)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f080:9:face:b00c:0:3 (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-96.muc50.r.cloudfront.net

www.thehotelsnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.204.89.238 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 238.89.204.35.bc.googleusercontent.com

tag.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0a::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.55.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-196-55-188.eu-central-1.compute.amazonaws.com

6119418.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a453 (United States)

ASN13335 (CLOUDFLARENET, US)

api.tambourine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 2a03:2880:f173:81:face:b00c:0:25de (Amsterdam, Netherlands)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.45.238.237 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-237.deploy.static.akamaitechnologies.com

2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 34.91.62.186 (Groningen, Netherlands) 19 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:7800:1b:5138:8a40:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.228.174.117 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:7574:b4b8:a72d:d165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.113.62 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.213.93.159 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-93-159.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.116.199 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-116-199.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-13.muc50.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.58.212.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f130.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.242.5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-242-5.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.192.160.219 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.34.182.11 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-176-34-182-11.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN32475 (SINGLEHOP-LLC, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.21 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	simpli.fi 19 redirects tag.simpli.fi — Cisco Umbrella Rank: 4323 i.simpli.fi — Cisco Umbrella Rank: 3693 um.simpli.fi — Cisco Umbrella Rank: 795	12 KB
21	tambourine.com frontend.cdn.tambourine.com — Cisco Umbrella Rank: 108292 symphony.cdn.tambourine.com — Cisco Umbrella Rank: 108335 api.tambourine.com — Cisco Umbrella Rank: 118975	9 MB
21	downtowngrand.com 1 redirects www.downtowngrand.com	464 KB
17	facebook.com www.facebook.com — Cisco Umbrella Rank: 110	499 B
9	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	6 KB
6	google.de www.google.de — Cisco Umbrella Rank: 6862	861 B
6	google.com 1 redirects region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2	1 KB
5	facebook.net connect.facebook.net — Cisco Umbrella Rank: 174	194 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2436 pbid.pro-market.net — Cisco Umbrella Rank: 7860	1 KB
3	bing.com bat.bing.com — Cisco Umbrella Rank: 366	14 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 246	2 KB
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1743	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 560 d.agkn.com — Cisco Umbrella Rank: 755	1 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 487	1 KB
2	1rx.io 2 redirects sync.1rx.io — Cisco Umbrella Rank: 567	712 B
2	rackcdn.com 2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com — Cisco Umbrella Rank: 154029	963 KB
2	googleadservices.com 1 redirects www.googleadservices.com — Cisco Umbrella Rank: 145	19 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	gstatic.com fonts.gstatic.com	55 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	201 KB
2	tambo.site frontend.tambo.site	28 KB
2	gtsgapps.com forge.gtsgapps.com — Cisco Umbrella Rank: 141535	20 KB
2	gtsgig.com 2 redirects widgets.gtsgig.com — Cisco Umbrella Rank: 158359	837 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 522	264 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 376	239 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 415	98 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 882	311 B
1	crwdcntrl.net bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	266 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 921	444 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1749	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 886
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6321	175 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417	140 B
1	unrulymedia.com sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268	378 B
1	smaato.net s.ad.smaato.net — Cisco Umbrella Rank: 716	237 B
1	siteimproveanalytics.io 6119418.global.siteimproveanalytics.io — Cisco Umbrella Rank: 196161	479 B
1	adsrvr.org insight.adsrvr.org — Cisco Umbrella Rank: 584	149 B
1	thehotelsnetwork.com www.thehotelsnetwork.com — Cisco Umbrella Rank: 40061	17 KB
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3692	9 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 899	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	31 KB
1	inguest.com contact-api.inguest.com — Cisco Umbrella Rank: 131046	2 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	termly.io app.termly.io — Cisco Umbrella Rank: 19322	91 KB
128	44

	Domain	Requested by
25	um.simpli.fi	19 redirects
21	www.downtowngrand.com	1 redirects www.downtowngrand.com frontend.cdn.tambourine.com
17	www.facebook.com	www.downtowngrand.com
16	symphony.cdn.tambourine.com	www.downtowngrand.com
6	www.google.de	www.downtowngrand.com
5	www.google.com	1 redirects www.downtowngrand.com
5	connect.facebook.net	www.downtowngrand.com connect.facebook.net
4	googleads.g.doubleclick.net	1 redirects www.googletagmanager.com www.googleadservices.com
4	frontend.cdn.tambourine.com	www.downtowngrand.com
3	cm.g.doubleclick.net	3 redirects
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.downtowngrand.com
2	ib.adnxs.com	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	sync.1rx.io	2 redirects
2	2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com	www.downtowngrand.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	fonts.gstatic.com	fonts.googleapis.com
2	www.googletagmanager.com	www.downtowngrand.com www.googletagmanager.com
2	frontend.tambo.site	www.downtowngrand.com
2	forge.gtsgapps.com	www.downtowngrand.com
2	widgets.gtsgig.com	2 redirects
1	us-u.openx.net
1	pixel.rubiconproject.com
1	idsync.rlcdn.com
1	ce.lijit.com
1	bcp.crwdcntrl.net
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	eb2.3lift.com
1	sync.targeting.unrulymedia.com
1	s.ad.smaato.net
1	i.simpli.fi	tag.simpli.fi
1	api.tambourine.com	frontend.cdn.tambourine.com
1	6119418.global.siteimproveanalytics.io	www.downtowngrand.com
1	region1.analytics.google.com	www.googletagmanager.com
1	insight.adsrvr.org	www.downtowngrand.com
1	tag.simpli.fi	www.googletagmanager.com
1	www.thehotelsnetwork.com	www.googletagmanager.com
1	siteimproveanalytics.com	www.downtowngrand.com
1	static.cloudflareinsights.com	www.downtowngrand.com
1	cdnjs.cloudflare.com	www.downtowngrand.com
1	contact-api.inguest.com	www.downtowngrand.com
1	fonts.googleapis.com	www.downtowngrand.com
1	app.termly.io	www.downtowngrand.com
128	53

This site contains links to these domains. Also see Links.

Domain
be.synxis.com
www.instagram.com
symphony.cdn.tambourine.com
www.google.com
www.facebook.com
twitter.com
www.preferredhotels.com
preferredhotels.com
recruiting.adp.com
www.chargerback.com

Subject Issuer	Validity	Valid
downtowngrand.com GTS CA 1P5	`2023-10-09` - `2024-01-07`	3 months	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2023-05-03` - `2024-06-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
frontend.cdn.tambourine.com Amazon RSA 2048 M01	`2023-07-05` - `2024-08-02`	a year	crt.sh
tambo.site E1	`2023-09-30` - `2023-12-29`	3 months	crt.sh
symphony.cdn.tambourine.com Amazon RSA 2048 M02	`2023-02-23` - `2024-03-24`	a year	crt.sh
revinate.com Sectigo RSA Domain Validation Secure Server CA	`2023-03-06` - `2024-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2023-10-29` - `2024-01-27`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 01	`2023-10-24` - `2024-04-21`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-08-28` - `2023-11-26`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.thehotelsnetwork.com Amazon RSA 2048 M03	`2023-09-21` - `2024-10-19`	a year	crt.sh
*.simpli.fi DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-11-07` - `2024-12-07`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
api.tambourine.com GTS CA 1P5	`2023-11-09` - `2024-02-07`	3 months	crt.sh
*.ssl.cf1.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-27` - `2024-03-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://www.downtowngrand.com/
Frame ID: 2709BC9F6DFFACA1B105D78F5C5DC041
Requests: 130 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Downtown Grand Hotel & Casino | Official Site

Page URL History Show full URLs

http://www.downtowngrand.com/ HTTP 301
https://www.downtowngrand.com/ Page URL

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Termly (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

app\.termly\.io/embed\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

128
Requests

84 %
HTTPS

50 %
IPv6

44
Domains

53
Subdomains

47
IPs

7
Countries

11527 kB
Transfer

13471 kB
Size

34
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://be.synxis.com/?chain=10237&currency=USD&hotel=10443&level=hotel&locale=en-US
Title: BOOK NOW

Search URL Search Domain Scan URL

URL: https://be.synxis.com/signin?_ga=2.111108614.2022330150.1667860689-1878032216.1661993128&_gl=1*mi7gz6*_ga*MTg3ODAzMjIxNi4xNjYxOTkzMTI4*_ga_8KQVZFDT29*MTY2Nzg2MDY4OC43MC4wLjE2Njc4NjA2OTcuNTEuMC4w&adult=1&arrive=2022-11-08&chain=10237&child=0&config=LASDG%C2%A4cy=USD&currency=USD&depart=2022-11-09&hotel=10443&level=hotel&locale=en-US&rooms=1&theme=LASDG
Title: Modify Existing Reservation

Search URL Search Domain Scan URL

URL: https://www.instagram.com/downtown_grand/
Title: downtown_grand

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/3-65403b184adc1.webp

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/untitled-design-72-63fea79e0512c.webp

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/2-65403b15cc07f.webp

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/downtown_grand_gallery-3-64e8c4a8f2af3.webp

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/downtown_grand_tgg-tomahawk-2-logo-762x663-64e8d1422227d.webp

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/downtown_grand_1-65403bbaef50b.webp

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Downtown+Grand+Hotel+%26+Casino/@36.1716389,-115.1416128,15z/data=!4m8!3m7!1s0x0:0xd1adfef5affb8705!5m2!4m1!1i2!8m2!3d36.1716389!4d-115.1416128
Title: 206 N. 3rd St. Las Vegas, 89101

Search URL Search Domain Scan URL

URL: https://www.instagram.com/downtown_grand
Title: .cls-1 { fill: #0099b7; fill-rule: evenodd; } Instagram

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DowntownGrandLV
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Downtown_Grand
Title: .st0{fill:#0099B7;} Twitter

Search URL Search Domain Scan URL

URL: https://www.preferredhotels.com/property/downtown-grand-hotel-casino-238810
Title: Downtown Grand Hotel & Casino

Search URL Search Domain Scan URL

URL: https://preferredhotels.com/iprefer/enroll?hotel=LASDG
Title: Downtown Grand Hotel & Casino

Search URL Search Domain Scan URL

URL: https://be.synxis.com/signin?adult=1&arrive=2022-03-02&chain=10237&child=0&config=LASDG%C2%A4cy=USD&currency=USD&depart=2022-03-03&hotel=10443&level=hotel&locale=en-US&rooms=1&theme=LASDG
Title: Modify Existing Reservation

Search URL Search Domain Scan URL

URL: https://recruiting.adp.com/srccar/public/RTI.home?c=1160151&d=ExternalCareerSite
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.chargerback.com/ReportLostItemCBEmbed.asp?CustomerID=6857
Title: Lost and Found

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.downtowngrand.com/ HTTP 301
https://www.downtowngrand.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://widgets.gtsgig.com/boot.js?hotel-downtown-grand HTTP 301
https://forge.gtsgapps.com/boot.js?hotel-downtown-grand

Request Chain 58

https://widgets.gtsgig.com/boot.js?hotel=downtown-grand HTTP 301
https://forge.gtsgapps.com/boot.js?hotel=downtown-grand

Request Chain 106

https://um.simpli.fi/smaato HTTP 302
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B0A11139CAD54B099E325EEAD59BA511

Request Chain 107

https://um.simpli.fi/nexxen HTTP 302
https://sync.1rx.io/usersync/simplifi/B0A11139CAD54B099E325EEAD59BA511 HTTP 302
https://sync.1rx.io/usersync/simplifi/B0A11139CAD54B099E325EEAD59BA511?zcc=1&cb=1700347271001 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-a8dba6b7-982a-45cf-8442-adfa867214e2-003

Request Chain 108

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=B0A11139CAD54B099E325EEAD59BA511&dongle=yf3

Request Chain 109

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=B0A11139CAD54B099E325EEAD59BA511

Request Chain 110

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=B0A11139CAD54B099E325EEAD59BA511 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B0A11139CAD54B099E325EEAD59BA511

Request Chain 111

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=B0A11139CAD54B099E325EEAD59BA511 HTTP 302
https://d.agkn.com/pixel/10751/?che=1700347271031&ip=217.114.218.29&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D218993204704005004936 HTTP 302
https://um.simpli.fi/aa_px?sk=218993204704005004936 HTTP 302
https://um.simpli.fi/empty.gif

Request Chain 112

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B0A11139CAD54B099E325EEAD59BA511

Request Chain 115

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=B0A11139CAD54B099E325EEAD59BA511;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=B0A11139CAD54B099E325EEAD59BA511;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MjEzMjU3NjE0NTY2OTM3NDQ4MQ== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEH2BCGMRTIQEiJvqTncKvP4&google_cver=1

Request Chain 116

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=B0A11139CAD54B099E325EEAD59BA511&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=B0A11139CAD54B099E325EEAD59BA511&j=0&xl8blockcheck=1

Request Chain 118

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=B0A11139CAD54B099E325EEAD59BA511

Request Chain 119

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=B0A11139CAD54B099E325EEAD59BA511

Request Chain 120

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B0A11139CAD54B099E325EEAD59BA511

Request Chain 121

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=B0A11139CAD54B099E325EEAD59BA511

Request Chain 122

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=B0A11139CAD54B099E325EEAD59BA511

Request Chain 123

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700347270668&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1058792767&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=hj1ZZYGULLaX9u8P5YuM8AI&sscte=1&crd=&pscrd=IhMIge_DmM_OggMVtov9Bx3lBQMu HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1058792767&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIge_DmM_OggMVtov9Bx3lBQMu&is_vtc=1&ocp_id=hj1ZZYGULLaX9u8P5YuM8AI&cid=CAQSKQDICaaNjxxjsyLkuXJPUKxQuHAWslZCDCPThZYGIuRgavwav577FSp_&random=3167506647 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1058792767&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIge_DmM_OggMVtov9Bx3lBQMu&is_vtc=1&ocp_id=hj1ZZYGULLaX9u8P5YuM8AI&cid=CAQSKQDICaaNjxxjsyLkuXJPUKxQuHAWslZCDCPThZYGIuRgavwav577FSp_&random=3167506647&ipr=y

Request Chain 125

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=B0A11139CAD54B099E325EEAD59BA511 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB0A11139CAD54B099E325EEAD59BA511

Request Chain 126

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B0A11139CAD54B099E325EEAD59BA511&expires=365

Request Chain 127

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B0A11139CAD54B099E325EEAD59BA511

Request Chain 128

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEBXooz35RG0PfQYT2je-Ne4&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B0A11139CAD54B099E325EEAD59BA511 HTTP 302
https://um.simpli.fi/g_match?id=

128 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.downtowngrand.com/
Redirect Chain

http://www.downtowngrand.com/
https://www.downtowngrand.com/

88 KB
17 KB

569ms
478ms

Document
text/html

104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2bdf45991a04b483a043c9c12f89c6d3498c98d5cd6bd50cf5670a5563dd346f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 8283b815ab662bca-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 18 Nov 2023 22:41:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 8283b814be5c9116-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Sat, 18 Nov 2023 22:41:07 GMT
Expires: Sat, 18 Nov 2023 23:41:07 GMT
Location: https://www.downtowngrand.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 embed.min.js Show response
app.termly.io/ 275 KB
91 KB 125ms
47ms Script
application/javascript 2606:4700::6811:4416
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:4416 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19779e3ddf8ff4e121d695cd3ddd7ab6ced1d52751a212e2add40934e601b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5975
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Fri, 17 Nov 2023 22:46:21 GMT
server: cloudflare
etag: W/"6557ed3d-44c5a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 8283b8191f0536dc-FRA
expires: Sun, 19 Nov 2023 02:41:08 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 118ms
38ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Josefin+Sans:200,300,regular,500,600|Jost:300,regular,500,200,600

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8dfd83d6d0d3fed4db84ab8cd0338a473dfa90ed81e7da2e2a8f3d91d96b5bd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 22:41:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 18 Nov 2023 22:41:08 GMT

GET
H2 200 symphony.css
frontend.cdn.tambourine.com/assets/ 22 KB
23 KB 549ms
447ms Stylesheet
text/css 2600:9000:225b:7600:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/assets/symphony.css?FbigSO
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:7600:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 261af33a9473a00060eb68205416b510175f79556702475dd9aba2f75482579e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:09 GMT
via: 1.1 29473aa9cc185f2a037ec3a7e2ffd74c.cloudfront.net (CloudFront)
last-modified: Mon, 30 Oct 2023 19:44:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
etag: "f3268560227d93a2e48b93a9790ce0da"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 22913
x-amz-cf-id: Zuduvq8oz4oG6AP23fUrqTqfhXnlDN18nxtlJDG7PQdEJqQwsc-VVg==

GET
H2 200 style.css
www.downtowngrand.com/assets/ 303 KB
45 KB 243ms
242ms Stylesheet
text/css 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com/assets/style.css?FbigSO

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

664af93825bc4a441e30b57b2261a9c560460f35d25bcb419517dacaec5d7d9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Wed, 01 Nov 2023 15:45:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"654272b3-4ba8c"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
cf-ray: 8283b818bd812bca-FRA
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 jquery-3.7.0.min.js Show response
frontend.cdn.tambourine.com/assets/js/ 85 KB
86 KB 550ms
448ms Script
text/javascript 2600:9000:225b:7600:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/assets/js/jquery-3.7.0.min.js
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:7600:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:09 GMT
via: 1.1 29473aa9cc185f2a037ec3a7e2ffd74c.cloudfront.net (CloudFront)
last-modified: Fri, 01 Sep 2023 20:24:54 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
etag: "e6c2415c0ace414e5153670314ce99a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/javascript
accept-ranges: bytes
content-length: 87462
x-amz-cf-id: IbnGZTX8T2MsilDpJP3N1TU6jFQBQphGLk8Mc9LxNQ87ldCWH7Ouxw==

GET
H2

200

boot.js Show response
forge.gtsgapps.com/
Redirect Chain

https://widgets.gtsgig.com/boot.js?hotel-downtown-grand
https://forge.gtsgapps.com/boot.js?hotel-downtown-grand

30 KB
10 KB

286ms
41ms

Script
application/javascript

2600:9000:225b:fc00:1:279d:1d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forge.gtsgapps.com/boot.js?hotel-downtown-grand
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Server: 2600:9000:225b:fc00:1:279d:1d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c3b62e4d046236c0ca75b2ce0ed55e6edf3f272cf50ecfdd7db985d019afb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:16 GMT
content-encoding: gzip
via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 16:41:45 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 8094
x-amz-server-side-encryption: AES256
etag: W/"a87fe3b9c15dd70b81b2bcb9847b0c3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=21600
x-amz-cf-id: 0385Yxa7EgT6MpuldcYKvgo15_5DKLPMo6OXoTSF9121pEuwuyH01A==

Redirect headers

date: Sat, 18 Nov 2023 22:41:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3eCl1OFKVIdWMyd4za%2B1GMf8KykePaiexz27i0ldXLMNgZ8vBg8UwdnwHB9IoGvn%2FGDutZH%2FCmh6qoLlBN52S7n1nefzWFQ2D%2FImhKok%2B888NN%2BejFYzCDM13xmqsRp4kMhyzu6ULN%2FjsYl%2FgevbXgI%3D"}],"group":"cf-nel","max_age":604800}
location: https://forge.gtsgapps.com/boot.js?hotel-downtown-grand
cache-control: max-age=3600
cf-ray: 8283b81ebe48364e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 18 Nov 2023 23:41:08 GMT

GET
H2 200 Logo.svg
www.downtowngrand.com/assets/svg/ 5 KB
2 KB 228ms
227ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/Logo.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

704519bb19f37f802ae6c1b1a9bff22b8c67cc797650cc8c33c353d23837b254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-126d"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 8283b818bd822bca-FRA
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 date_range_picker.js Show response
frontend.tambo.site/includes/js/ 87 KB
26 KB 300ms
220ms Script
application/javascript 2606:4700::6810:c218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.tambo.site/includes/js/date_range_picker.js

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c5c3d76cb0beb426e085fa5de4bfd09dd1c73854668723b5b1d12fb1c75f67a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server-name: aws_dev
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Nov 2019 16:38:56 GMT
server: cloudflare
etag: W/"5dcc31a0-15d28"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-ray: 8283b8192b169bb2-FRA
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 date_range_picker.css
frontend.tambo.site/includes/css/ 6 KB
2 KB 228ms
228ms Stylesheet
text/css 2606:4700::6810:c218
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://frontend.tambo.site/includes/css/date_range_picker.css

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:c218 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

052e58079bc72cbc064ece64e0df1af113fbb15d92fc3aa6c42596d0d5ffed9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server-name: aws_dev
x-xss-protection: 1; mode=block
last-modified: Wed, 13 Nov 2019 16:38:56 GMT
server: cloudflare
etag: W/"5dcc31a0-19b1"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000, public
cf-ray: 8283b81a1be79bb2-FRA
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 untitled-design-72-63fea79e0512c.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 94 KB
95 KB 178ms
58ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/untitled-design-72-63fea79e0512c.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2c67a07118d1af64f10aaeec8657870df333c1b2e40199d02a0a5a376c9a031c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: HFKRFKJFV9RxiO4YpHL127sPYAk3DS0D
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 01:17:20 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "0038edc1ae92519e27204801d6a802da"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 96500
x-amz-cf-id: 9K304ZDPsUrOKjae95O8LaoXeU83WOuB3-QpOAdSPy4dLczuJ_51Tw==

GET
H2 200 untitled-design-71-63fea71a475cd.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 53 KB
54 KB 107ms
59ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/untitled-design-71-63fea71a475cd.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: acca2ce795ec76be5166a6f07ca71c7a760816fda9e87281fde99da7fdf13f30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: .E1BA5LTTiO1K3j7_612kNA9ucYYwq5Y
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 01:15:08 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "35245b2e0d441e20e91cc6ce185edb10"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 54366
x-amz-cf-id: g_SpB6SF-hLsPngNmTYfPqcJaiBb6Jglx2_YjXNK3jNACbKLWnUrcQ==

GET
H2 200 reason-quad---freemont-632b5746ec8a8.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 183 KB
184 KB 58ms
57ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/reason-quad---freemont-632b5746ec8a8.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 454ac6445a518db55bd064f5923cdea9a99337e3d936745ca47b088a729aac6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: ba7nomKhvr.n1N.mQ59ukRg6E32Jj2Gb
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:16 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "53520e48dcddf95450169c161884a0f8"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 187592
x-amz-cf-id: 6XeQTsDnluG7YyZJuiBo2QlXQEK8G5pF1CZXFQI0dOmceXbb_npoDg==

GET
H2 200 3rd-st_concert-2-63d1cba0492ad.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 4 MB
4 MB 62ms
61ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/3rd-st_concert-2-63d1cba0492ad.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6123bcba0dee5f039a3396930d04e017d752851fa3bbcde2c7f44e331cc33e96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: LYL1cBMnuMitULP.l7t4.yartItSP7Mk
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:45:57 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "5c2daa31d62a98d91cb1e5e80c4569ce"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 3870798
x-amz-cf-id: ctKqpSQvQaT8EqNFW4Gs5xlaQBHeAleRqH4eoGiumrhA7jh3QIJTCw==

GET
H2 200 untitled-design-70-63fea36b12688.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 52 KB
52 KB 107ms
101ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/untitled-design-70-63fea36b12688.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e00e800c8cd3187727b992b8d7eaa1853abdd42723fc11cd45bfd2022259a54a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: kvpFeM_p8kVMvYbUr5kmk.JXNlZXIBvB
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Wed, 01 Mar 2023 00:59:25 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "69a0b4b690572c8e76bab7183b3493e5"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 52960
x-amz-cf-id: gVNYK31H6kZtid58DvemkgiaKG43LPiJ6OIhnfucfIGOQfZ-jVqsdg==

GET
H2 200 fandb-quad---t-george-632b23872ba3e.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 122 KB
122 KB 102ms
96ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---t-george-632b23872ba3e.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: efb20a60bf8a76de2a1cff4fe7d564cfdc5ed46eb576a0aadfe7e2824a89d1fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: 4m1zpn5XCH8Gfrxhki9M2eelZkp_nAvn
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "4a6a93562fc49c0e85d06e5e3e4b2520"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 124692
x-amz-cf-id: 3_MaKcKvpzhzBjXSJ-dwL2mnInja2AxADsPiZuyLvRdumxQ64IKj3w==

GET
H2 200 sidebar1-632b2b8ea486f.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 145 KB
145 KB 108ms
102ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/sidebar1-632b2b8ea486f.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 44fc462799839c3cd6ef6a53f2d92b7c586edf219e4434d7b829f3d15f642af3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: C.Z50wNqzfxtKHJrYrGuZ0dNKxzWNXC3
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:17 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "fabc847b3fe33fc26d58ef7db6609665"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 148084
x-amz-cf-id: aGHbfi3q1ibtPcixEx96qk1VIAtKIpQQD9Z-09cS26TxNC8gd1RPhg==

GET
H2 200 fandb-quad---freedom-632b27f7a5846.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 141 KB
142 KB 107ms
102ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---freedom-632b27f7a5846.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 886915e7d408d04a6c7b4ec0ca3879ce8f206d7f99b5ff26b142f0085c64eee1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: M8EuFe09j97wg38n.B_CC3b8_jmpyo6C
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "ab6faf91ab687f11b255c42ad6691b1e"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 144528
x-amz-cf-id: cqiZjOobDQKmb-65ZYdYa6A0nRHFEbdv2nfZK8UZKojbyk8FmTD-VA==

GET
H2 200 fandb-quad---furnace-632b36df79230.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 137 KB
137 KB 103ms
98ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---furnace-632b36df79230.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bae30756ee6a739a884c7155c589b8fa38f9a71e16003ea94c6163ae6f37cce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: 5vy1VE2k_AKq3T5anOiaKNwcymr9.9Lk
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "dcea66a958c9fb55bcf03edd3a55f1cf"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 139848
x-amz-cf-id: UMe0j-mFzZurRGGhVeSksNmh6NVpSGSqr19Ak-BKPhvJF5VlVGd4GQ==

GET
H2 200 fandb-quad---p-rock-632b4be660b1d.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 111 KB
111 KB 103ms
99ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---p-rock-632b4be660b1d.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6feb3bf4c8fa0f094566bc6405d6dd28b6bc89b977aa6c55a65b4b826d11f8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: TGBWb2yHazGvLg9MrOXZ_SdmKA.DtdkU
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "23704b1c94ec5453ce44bbd32611a2ed"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 113588
x-amz-cf-id: E17K_jCMYTB_BpJoRxhl7mp3q2Kuheelt2Gm_CPWr8GdAe-n2S1a_Q==

GET
H2 200 fandb-quad---hogs-and-hefs-632b4d89a06b3.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 174 KB
174 KB 108ms
104ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/fandb-quad---hogs-and-hefs-632b4d89a06b3.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d01872f15ee302647bffbca25f61745c27fda2463b3cf7e191a7d30d69d99a06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: t21Gn8ze1J3stgxb_M1bo2d3vmUIzUYZ
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:05 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "8af52cc7ae51288de68a588c42e20558"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 177706
x-amz-cf-id: nq423J22I40OFI6jJjsrVibgxh6I4LUvX-y0UD3LwsAw0qdsG_0PQg==

GET
H2 200 DowntownGrandHotel-Logo-Footer.svg
www.downtowngrand.com/assets/svg/ 5 KB
2 KB 163ms
159ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/DowntownGrandHotel-Logo-Footer.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa575bc77a75c441e90ed01f4e90d82bcc468f934ca79cd069904922f8ec7308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-12e2"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 8283b81d99322bca-FRA
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 Logo-Connect.png
www.downtowngrand.com/assets/images/ 10 KB
10 KB 167ms
163ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/Logo-Connect.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c0a5bf71b72e7a9dc2295f073f24bd1dc8c7c933bc4291930042fdd0a5fbd30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-280c"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8283b81d99332bca-FRA
content-length: 10252
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 Logo-IPrefer.png
www.downtowngrand.com/assets/images/ 7 KB
7 KB 174ms
170ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/Logo-IPrefer.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94be68ff19b51715111d9be8bb85d7d688fdc0e60f6b3d1db011d1ea86263207

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-1bd7"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8283b81d99362bca-FRA
content-length: 7127
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 Green%20Seal%20Silver%20Logo.png
www.downtowngrand.com/assets/images/ 15 KB
15 KB 249ms
246ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/Green%20Seal%20Silver%20Logo.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eccb5640ed07154529342801fe9ed1dc42ee6831e30731ff9e175c5b10ba97b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-3a77"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8283b81d99382bca-FRA
content-length: 14967
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 revinate-form.js Show response
contact-api.inguest.com/bundles/revinatecontactapi/js/ 5 KB
2 KB 723ms
212ms Script
application/javascript 44.238.236.15
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://contact-api.inguest.com/bundles/revinatecontactapi/js/revinate-form.js?v=1

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

44.238.236.15 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-238-236-15.us-west-2.compute.amazonaws.com

Software

Resource Hash

27477cae35fa16324eb29e830c181ad33340f63cea5f3623d5428adc9198aa34

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
vary: Accept-Encoding,Origin
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31449600, public
accept-ranges: bytes
content-length: 1480

GET
H2 200 symphony.js Show response
frontend.cdn.tambourine.com/assets/ 65 KB
66 KB 466ms
459ms Script
application/javascript 2600:9000:225b:7600:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/assets/symphony.js?FbigSO
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:7600:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8167d73d3ce99729756e5a24b0b536931031a55bce60e09afc703df6d4e7d096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:10 GMT
via: 1.1 29473aa9cc185f2a037ec3a7e2ffd74c.cloudfront.net (CloudFront)
last-modified: Tue, 14 Nov 2023 23:11:34 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
etag: "dd70b4b485c1bf4f00219f66da997106"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 66859
x-amz-cf-id: Ik_ePqaiK1FLC_-_KXrxG4WAdCS37ekJ2rog88nvVQmNpr_fLfB7vg==

GET
H2 200 scripts.js Show response
www.downtowngrand.com/assets/ 172 KB
51 KB 263ms
256ms Script
application/javascript 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com/assets/scripts.js?FbigSO

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b35add0e1ee39219484345bc3e4d8400acf5a87c1c9e54221625563d9b42f4e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 16 Jun 2023 16:17:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"648c8b36-2b1ea"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8283b81d99312bca-FRA
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 vue.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vue/2.6.14/ 92 KB
31 KB 243ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.14/vue.min.js

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 840359
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30949
last-modified: Tue, 08 Jun 2021 12:01:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60bf5c26-78e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Blj4MQZOLyxY1u94p8P5eQ9B1sb8x%2FGnz34qxTCJcEF6aq4B6rJiiXm%2FhAHXziFygIBkEgp2Hus5%2BHEXn5z3XJn9U3DDfK114L6ypuFCN3p1hpYr78mo1Kwi6wbkfnP8rWy7GGcS0KigfbOYK7CXdE5Z"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8283b81eb9919004-FRA
expires: Thu, 07 Nov 2024 22:41:08 GMT

GET
H2 200 v-popups.min.js Show response
frontend.cdn.tambourine.com/includes/symphony-components/js/ 92 KB
92 KB 458ms
454ms Script
application/javascript 2600:9000:225b:7600:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=65593d83d01d1
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:7600:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0d2ee4279a4f1fc8a8cc11ac8429cb6d1bafe8620b624d03a8c1c1dce9761d14

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:10 GMT
via: 1.1 29473aa9cc185f2a037ec3a7e2ffd74c.cloudfront.net (CloudFront)
last-modified: Tue, 07 Nov 2023 14:57:59 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
etag: "67a88e6c11544ecec82d3c4f13467e15"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 93826
x-amz-cf-id: bYBer3sTzYyXZZoQPFOA1-AbdQyLK3ZioS716nhL0H7vap_bftiGtQ==

GET
H2 200 v84a3a4012de94ce1a686ba8c167c359c1696973893317 Show response
static.cloudflareinsights.com/beacon.min.js/ 20 KB
7 KB 429ms
228ms Script
text/javascript 2606:4700::6810:3965
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:3965 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer: https://www.downtowngrand.com/
Origin: https://www.downtowngrand.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
server: cloudflare
etag: W/"2023.10.0"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 8283b81eb8966acc-FRA

GET
DATA 200
OK truncated
/ 38 B
38 B Other
image/webp

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 408 KB
111 KB 265ms
67ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42cfb18fd21c02a1ceae279c33456cc7c90b55181e58728cb8961f599cddfe79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112944
x-xss-protection: 0
last-modified: Sat, 18 Nov 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 18 Nov 2023 22:41:08 GMT

GET
H2 200 siteanalyze_6119418.js Show response
siteimproveanalytics.com/js/ 24 KB
9 KB 435ms
234ms Script
application/javascript 2606:4700:e2::ac40:8a05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6119418.js
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8a05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc1d5b9636d8b656b01e0bfc1de9f9c93a79d035821e0e6f484784ebce01d8d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: B7S7QAVD3BAM4T5B
alt-svc: h3=":443"; ma=86400
content-length: 8379
x-amz-id-2: xmHkKq4Nk9juoTI3Yhu24w4IUy222OSbYYEUvfWl/MFIOZtcBh2SOziY27ZuJCGp82vYidWD+Y4=
last-modified: Mon, 16 May 2022 09:47:41 GMT
server: cloudflare
etag: "371645e2bed202e92498950d07935726"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N%2FKbyms%2Fn%2BBrMqyeAR%2B2ek6DfMfIw5AAuIaLjMx49mHnR9%2FpDKgIYfeKF5pnSuZgBu2IcZ0imXyKDowA8Qcv%2FDRNvocZskMYyH0D2vmAV6sRGMSamfT%2FYbf47yQ5rKykHl07U7tYS5rqxdfhDbU3IzJB9NrNZaI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 8283b81ebf920157-CDG

GET
DATA 200
OK truncated
/ 204 B
204 B Image
img/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9be58b47b02992d6a87560e738e35b2b5a0ef1493462dbd3c95b30d275a4812

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: img/png

GET
H2 200 Booking-bg.jpg
www.downtowngrand.com/assets/images/ 97 KB
98 KB 262ms
258ms Image
image/jpeg 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/Booking-bg.jpg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c642713699195abd5da92f5f2407f3866a5b9abedef20ada8c07041625fcb790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-1848b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8283b81da9432bca-FRA
content-length: 99467
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 Arrow-Icon.png
www.downtowngrand.com/assets/images/ 382 B
888 B 258ms
254ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/Arrow-Icon.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

783f375222f2fbbea6a7e707fae770d19daf9f377bfbe68480d77b95901f2067

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-17e"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8283b81da9452bca-FRA
content-length: 382
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 citrus12-3-632a0d25dceab.jpg
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 325 KB
326 KB 97ms
94ms Image
image/jpeg 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/citrus12-3-632a0d25dceab.jpg?q=2
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0fd5868efc58d9b51655eb5f629ee84141c7c02bc31ae19aa597d66ff4f0af07

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: y6Zt7xytXqfzrNx1_w4eKYJlt75YshC.
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:54:38 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "ab4010f8cf3572d238dd9a4ab3024da1"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 333115
x-amz-cf-id: a9u-h9fAhXdXAvQCRPkzgg82GMFWJwc77iNdzEp2N_ZbAlbjTj0uzA==

GET
H2 200 furnace-bar-632a06e6440c8.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 687 KB
688 KB 99ms
96ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/furnace-bar-632a06e6440c8.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b8f77949fc421e35a1f82edca013fab07e0d5e670e4ceeedee293168f5d68878

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: rn8Ezy.ntq0MRd_uHeOuIfr3inVTPhBR
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:07 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "bf321f9d77ae6612351a9ebc769be168"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 703272
x-amz-cf-id: fmBFYil9MXs_ZvWuWB9l5qBXKWlwdp_gP7uXjzXpmU1CoWrGyZTUcA==

GET
H2 200 slice_4-63122e1d5c194.png
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 2 MB
2 MB 100ms
97ms Image
image/png 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/slice_4-63122e1d5c194.png?q=7
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b3a5c47d1cbb92f58db0c0e7e4b133acf2e4ad303b401b1891fd5d6f322d4e0b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: 6Ad0OWn7ztaJZQLj.amDx0HIZvWqXept
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:55:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "934f993b2d962811018d17de629af9bd"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 2181525
x-amz-cf-id: JWtI-tQ4-MMKMliGmQVgnjU1voEtwli8hYtnK1mRTix-ZmYn69JIRQ==

GET
H2 200 triple-george-patio-632a0898d58e1.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 557 KB
558 KB 195ms
192ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/triple-george-patio-632a0898d58e1.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d2b43bc0f42742eda128231f424887d48850c75c7528f564e924ef9ab14d417a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: EoMZCHlvDJ1iC7zYPXHLzZdzYnw48OYs
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:19 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "78837517614032fe4d886186892c0a46"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 570684
x-amz-cf-id: PIaqOk3v_qF3GNWABEgT0ztC6mvy_62cMCU99ErDPbYrBt8t4utXwA==

GET
H2 200 freedom-beat_room-1-632a0aed38ba5.webp
symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/ 395 KB
396 KB 179ms
176ms Image
image/webp 2600:9000:26da:da00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/downtown-grand-hotel-casino/media/freedom-beat_room-1-632a0aed38ba5.webp
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:26da:da00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bcb2ca1e71af730d09bf7cff563554c703a4b91e8128a63e0baa6beb39d3ac39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 16:38:10 GMT
x-amz-version-id: 0D3OcE_CBtn.FsRKYz4spTOCMjaQT2Al
via: 1.1 21be3420a436f8727342146a9b19af68.cloudfront.net (CloudFront)
last-modified: Fri, 24 Feb 2023 17:50:07 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P4
age: 21779
etag: "c67a1fcbcf0b20282f16b29d451ad33c"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: image/webp
accept-ranges: bytes
content-length: 404258
x-amz-cf-id: _KwzQCPXCalw4VjoGzNxQ8Gx96870iCMOvuaB9JB2EhqJIsy39Y70w==

GET
H2 200 bg-slider-home.png
www.downtowngrand.com/assets/images/ 44 KB
44 KB 243ms
240ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/bg-slider-home.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00d01fa752d34b595b0c92033b9293ea8fd6b8ec885c74c49aa7ab3df1f404ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-af3c"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8283b81da9472bca-FRA
content-length: 44860
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 dot_active_w.svg
www.downtowngrand.com/assets/svg/ 458 B
1 KB 254ms
252ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/dot_active_w.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af3d891e8c7dae56c3822e4c10eef6afe17fac5b65383d3e06f34e85811c6a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; preload
content-security-policy-report-only: script-src 'none'; report-uri https://csp-reporting.cloudflare.com/cdn-cgi/script_monitor/report?m=C8oWUq6QfjY_48FnGaA2Q60NgFmJ0MYNX0F2TCSMBe8-1700347268-0-AV2MxbQGU8mh05L_CqXwvFA0R200wAbPLqGbjw9SXmi5uHWrtUcVBQqn9pdT34Qwly6RdFnHlRfhoqze-F_hfdz8satbrJ6fzIn7AfjK0iRhPaNtQc866Op47WABTxX8VWVMgKb1BQympNiiY3dMzEuqEbcb2fVYX5BAexiWQ04n; report-to cf-csp-endpoint
x-xss-protection: 1; mode=block
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: W/"63f8fafd-1ca"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
report-to: {"endpoints":[{"url":"https:\/\/csp-reporting.cloudflare.com\/cdn-cgi\/script_monitor\/report?m=C8oWUq6QfjY_48FnGaA2Q60NgFmJ0MYNX0F2TCSMBe8-1700347268-0-AV2MxbQGU8mh05L_CqXwvFA0R200wAbPLqGbjw9SXmi5uHWrtUcVBQqn9pdT34Qwly6RdFnHlRfhoqze-F_hfdz8satbrJ6fzIn7AfjK0iRhPaNtQc866Op47WABTxX8VWVMgKb1BQympNiiY3dMzEuqEbcb2fVYX5BAexiWQ04n"}],"group":"cf-csp-endpoint","max_age":86400}
cache-control: max-age=2592000
cf-ray: 8283b81da94c2bca-FRA
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 dot_border_w.svg
www.downtowngrand.com/assets/svg/ 299 B
600 B 250ms
248ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/dot_border_w.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fcf3d11b295c3fb16faea75f092b8722141be082dc0d7689b6bc6d8f7b4cf054

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-12b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 8283b81da94e2bca-FRA
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 bg-white-sliderv2.png
www.downtowngrand.com/assets/images/ 153 KB
154 KB 418ms
417ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/bg-white-sliderv2.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3a1c18e2bec0bc65946162f823325bc50ea31bee334636f44aa2687d9356b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-26529"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8283b81de9762bca-FRA
content-length: 156969
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 dot_active_b.svg
www.downtowngrand.com/assets/svg/ 478 B
632 B 418ms
417ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/dot_active_b.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cec74c749d7ad020709a3fe9cf5578887303df50b17fefd2774e324567acd7a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-1de"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 8283b81de9792bca-FRA
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 dot_border_b.svg
www.downtowngrand.com/assets/svg/ 299 B
592 B 419ms
418ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/dot_border_b.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fc31c7d2528b2a0202c7c64bc976929288fc02caf7312171993ba8137cbfcf2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"63f8fafd-12b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 8283b81de97b2bca-FRA
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 footer-bg.png
www.downtowngrand.com/assets/images/ 10 KB
11 KB 415ms
415ms Image
image/png 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/images/footer-bg.png

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eeac74d60f364513e94dcefa946273da1c8fe52f32141f5bff7f8b5773f0a20e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:08 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
etag: "63f8fafd-294b"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8283b81de97c2bca-FRA
content-length: 10571
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:08 GMT

GET
H2 200 92zatBhPNqw73oTd4g.woff2
fonts.gstatic.com/s/jost/v15/ 26 KB
27 KB 216ms
31ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/jost/v15/92zatBhPNqw73oTd4g.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:200,300,regular,500,600|Jost:300,regular,500,200,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.downtowngrand.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Thu, 16 Nov 2023 18:31:24 GMT
x-content-type-options: nosniff
age: 187784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26620
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:39:33 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Nov 2024 18:31:24 GMT

GET
H2 200 Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2
fonts.gstatic.com/s/josefinsans/v32/ 28 KB
28 KB 245ms
61ms Font
font/woff2 2a00:1450:4001:81c::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/josefinsans/v32/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Josefin+Sans:200,300,regular,500,600|Jost:300,regular,500,200,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.downtowngrand.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 19:18:31 GMT
x-content-type-options: nosniff
age: 12157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28600
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 20:50:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 17 Nov 2024 19:18:31 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 274 KB
90 KB 54ms
53ms Script
application/javascript 2a00:1450:4001:808::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-8KQVZFDT29&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

56e9e5727e855ffda18db1c13b26eb33a9288289a3a8119f19f6f72f53df0bc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 92219
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 18 Nov 2023 22:41:09 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/954441679/ 3 KB
1 KB 156ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/954441679/?random=1700347269243&cv=11&fst=1700347269243&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71329332&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.downtowngrand.com%2F&hn=www.googleadservices.com&frm=0&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&auid=1920684521.1700347269&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

442774d07bbaa960a3c59d71dba519c98403ad4af361feb3612185eba55b3e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1264
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10841270011/ 3 KB
2 KB 153ms
22ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10841270011/?random=1700347269248&cv=11&fst=1700347269248&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71329332&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.downtowngrand.com%2F&hn=www.googleadservices.com&frm=0&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&auid=1920684521.1700347269&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2509d72c909ca295be6de16785fa2469e44c12509215bcc1a4ca519efb86343c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1264
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 125ms
35ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 18 Nov 2023 21:19:54 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4875
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 18 Nov 2023 23:19:54 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 45 KB
13 KB 147ms
59ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sat, 18 Nov 2023 22:41:08 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: D9EA545411464F018D26631294D7D2C7 Ref B: FRA31EDGE0611 Ref C: 2023-11-18T22:41:09Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 202 KB
54 KB 167ms
42ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 22:41:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 54273
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: dtq22vc5rmjtOp52ipF9M39g32M9aMsv5fRnTQfafpAEFdBS9NWsLTAHZ7RPrYeOQ+FRSDbzwHHbCU2U+YyNXA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 50 KB
19 KB 201ms
68ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

34eace17373618f0ef6ad0052c607c2b3a6c02af6a6e0a1d16fa15efb97c139d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18823
x-xss-protection: 0
server: cafe
etag: 4145344891725561964
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 22:41:09 GMT

GET
H2 200 loader.js Show response
www.thehotelsnetwork.com/js/ 17 KB
17 KB 227ms
88ms Script
application/javascript 18.173.187.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/js/loader.js?property_id=1036348&account_key=8F546912EEDF302F9D7760336B39C163

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.173.187.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-187-96.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

41931a1c11d708c1ad5d998be5dc8a95ff22b1d57a2815e828b3abf00b575ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3d60650fd0c339e18e816ce29f9a0da0.cloudfront.net (CloudFront)
last-modified: Fri, 17 Nov 2023 13:51:42 GMT
server: nginx
x-amz-cf-pop: MUC50-P4
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.downtowngrand.com
cache-control: max-age=7200
access-control-allow-credentials: true
x-amz-cf-id: k2nTxRpRtR6JfJqINeFaY9mPYMb7dLRhAnNAELxTV-4B3G6_JqpOYw==

GET
H2

200

boot.js Show response
forge.gtsgapps.com/
Redirect Chain

https://widgets.gtsgig.com/boot.js?hotel=downtown-grand
https://forge.gtsgapps.com/boot.js?hotel=downtown-grand

30 KB
10 KB

44ms
43ms

Script
application/javascript

2600:9000:225b:fc00:1:279d:1d40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://forge.gtsgapps.com/boot.js?hotel=downtown-grand
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Server: 2600:9000:225b:fc00:1:279d:1d40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6c3b62e4d046236c0ca75b2ce0ed55e6edf3f272cf50ecfdd7db985d019afb39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 20:26:16 GMT
content-encoding: gzip
via: 1.1 878a01abbb158ab50d28bd4e882dc33a.cloudfront.net (CloudFront)
last-modified: Mon, 13 Nov 2023 16:41:45 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 8094
x-amz-server-side-encryption: AES256
etag: W/"a87fe3b9c15dd70b81b2bcb9847b0c3e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=21600
x-amz-cf-id: OhrZge3UdcWNvXSzlsZ0kAhkyRe8mX0wphWjKUhPat9RPF2521mVBg==

Redirect headers

date: Sat, 18 Nov 2023 22:41:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tOYdJQ25ONY8Dv%2BJGJ3c4%2Fg10V%2F3LwNcqYEieSicR6uzTDPrvurxkY%2B5pP3P4L5L6GBdbWapy53EyZ07TPW3Tr73l91cTumr3jA5A6SWnmyB5j%2Fl3bxNlUW8qHRL1duzLN8Z8Ezi7W69rC%2FPjU7NPV4%3D"}],"group":"cf-nel","max_age":604800}
location: https://forge.gtsgapps.com/boot.js?hotel=downtown-grand
cache-control: max-age=3600
cf-ray: 8283b820e817364e-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 18 Nov 2023 23:41:09 GMT

GET
H2 200 a7872154-b040-42b1-a4f4-3b6f158c6d35 Show response
tag.simpli.fi/sifitag/ 3 KB
2 KB 182ms
55ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.simpli.fi/sifitag/a7872154-b040-42b1-a4f4-3b6f158c6d35
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-MQV3W4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: 2fbc531e621926042d494337839c3ec75dfd9ff7080e48314abc60585f09594c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
x-request-id: F5jY1Swi2XCslfALYAzC
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
insight.adsrvr.org/track/evnt/ 70 B
149 B 227ms
66ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/evnt/?adv=v24nh94&ct=0:tow5j06&fmt=3&gtmcb=2062375542
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:09 GMT
server: Kestrel
content-length: 70
content-type: image/gif

POST
H2 204 collect
region1.analytics.google.com/g/ 0
259 B 157ms
37ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-8KQVZFDT29&gtm=45je3b81v894066190z871329332&_p=1700347268699&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1987188650.1700347269&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1700347269&sct=1&seg=0&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&dt=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=2158
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8KQVZFDT29&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.downtowngrand.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
259 B 140ms
33ms Ping
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-8KQVZFDT29&cid=1987188650.1700347269&gtm=45je3b81v894066190z871329332&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-8KQVZFDT29&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.downtowngrand.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 126ms
40ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-8KQVZFDT29&cid=1987188650.1700347269&gtm=45je3b81v894066190z871329332&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=1741821587

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
214 B 34ms
33ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1475652811&t=pageview&_s=1&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&ul=en-us&de=UTF-8&dt=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAACAAI~&jid=2036086690&gjid=801646594&cid=1987188650.1700347269&tid=UA-44657735-1&_gid=2144492520.1700347269&_r=1&_slc=1&gtm=45He3b81n71MQV3W4v71329332&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&z=1308344946

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.downtowngrand.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.downtowngrand.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 functions.php Show response
www.downtowngrand.com/ajax/ 1 KB
1 KB 174ms
173ms XHR
text/html 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com/ajax/functions.php?operation=_get_geolocation

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=65593d83d01d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

361458538f88fca10e7a4dc155c381cd418f3edf008c7a8428a08544650d91c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.downtowngrand.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8283b8229d412bca-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10841270011/ 42 B
455 B 125ms
49ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10841270011/?random=1700347269248&cv=11&fst=1700344800000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71329332&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.downtowngrand.com%2F&frm=0&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&fmt=3&is_vtc=1&cid=CAQSGwDICaaNPlr75HTV_SSyODS1OXvgdjRMLbsSPQ&random=75676190&rmt_tld=0&ipr=y

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10841270011/ 42 B
154 B 43ms
42ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10841270011/?random=1700347269248&cv=11&fst=1700344800000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71329332&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.downtowngrand.com%2F&frm=0&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&fmt=3&is_vtc=1&cid=CAQSGwDICaaNPlr75HTV_SSyODS1OXvgdjRMLbsSPQ&random=75676190&rmt_tld=1&ipr=y

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/954441679/ 42 B
108 B 119ms
50ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/954441679/?random=1700347269243&cv=11&fst=1700344800000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71329332&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.downtowngrand.com%2F&frm=0&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&fmt=3&is_vtc=1&cid=CAQSGwDICaaN2BTneXcZUcOwUD2w0owKKPdypJxbKQ&random=126978130&rmt_tld=0&ipr=y

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/954441679/ 42 B
108 B 43ms
43ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/954441679/?random=1700347269243&cv=11&fst=1700344800000&bg=ffffff&guid=ON&async=1&gtm=45He3b81v71329332&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.downtowngrand.com%2F&frm=0&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&fmt=3&is_vtc=1&cid=CAQSGwDICaaN2BTneXcZUcOwUD2w0owKKPdypJxbKQ&random=126978130&rmt_tld=1&ipr=y

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 left-arrow-datepicker.svg
www.downtowngrand.com/assets/svg/ 180 B
610 B 149ms
149ms Image
image/svg+xml 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.downtowngrand.com/assets/svg/left-arrow-datepicker.svg

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/assets/style.css?FbigSO

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d00ddd77a7d38f8ee326c283ef0f70dcb54fccf875aa569b4d78fb5b7eeb1605

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/assets/style.css?FbigSO
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:09 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Fri, 24 Feb 2023 17:59:25 GMT
server: cloudflare
content-encoding: gzip
etag: W/"63f8fafd-b4"
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 8283b822fd722bca-FRA
x-xss-protection: 1; mode=block
expires: Mon, 18 Dec 2023 22:41:09 GMT

GET
H2 200 image.aspx
6119418.global.siteimproveanalytics.io/ 34 B
479 B 181ms
46ms Image
image/gif 18.196.55.188
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6119418.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.downtowngrand.com%2F&title=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&res=1600x1200&accountid=6119418&rt=2355&prev=f78cc32a-6a9e-90a6-da75-fdf06bfdb6ce&luid=f3b992ba-1690-5fa8-23db-77b7b72438d1&rnd=85657
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.55.188 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-55-188.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-type: image/gif
date: Sat, 18 Nov 2023 22:41:09 GMT
cache-control: max-age=0
content-length: 34
expires: Sat, 18 Nov 2023 22:41:09 UTC

GET
H2 200 463589177315868 Show response
connect.facebook.net/signals/config/ 140 KB
36 KB 189ms
188ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/463589177315868?v=2.9.138&r=stable&domain=www.downtowngrand.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56a3cd98d36ec4692f4113bc989ca4997ac45a411e7b13ed7ff4abd31dbf1589

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 22:41:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: vMd/5IorvYTTe8t1UpeZok1viev6Kb2m/fKyMBWr8M3XcS09YqUsdmuLx/+P2kolDErUWIZu7u91/jqm9XR+nQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 139001245.js Show response
bat.bing.com/p/action/ 0
117 B 64ms
64ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/139001245.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sat, 18 Nov 2023 22:41:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B273FE19481D4F0C86EBA2529229FEE6 Ref B: FRA31EDGE0611 Ref C: 2023-11-18T22:41:09Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ 0
287 B 83ms
82ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=139001245&tm=gtm002&Ver=2&mid=ad350cba-0f8a-4ceb-8b1b-7a89486b0191&sid=918204e0866311ee8c4d7d59dafe98a2&vid=9182a9c0866311eebef61b17a77518e8&vids=1&msclkid=N&gtm_tag_source=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&p=https%3A%2F%2Fwww.downtowngrand.com%2F&r=&lt=2294&evt=pageLoad&sv=1&rn=29479

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sat, 18 Nov 2023 22:41:08 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 9BF92E04C0D44E94985744CEBEF2DAC2 Ref B: FRA31EDGE0611 Ref C: 2023-11-18T22:41:09Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/993669966/ 3 KB
2 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/993669966/?random=1700347269623&cv=9&fst=1700347269623&num=1&label=3GPhCLrJkQcQzubo2QM&guid=ON&resp=GooglemKTybQhCsO&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.downtowngrand.com%2F&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&hn=www.googleadservices.com&uaa=&uab=&uam=&uap=&uapv=&uaw=0&uafvl=&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed9e18d826cf8102bbc89fdc06753014ff5b79e5a5f9c665cb32a68c3619cee8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1395
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
151 B 41ms
37ms XHR
text/plain 2a00:1450:400c:c0a::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-44657735-1&cid=1987188650.1700347269&jid=2036086690&gjid=801646594&_gid=2144492520.1700347269&_u=YCDACEAABAAAACAAI~&z=1274626106

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.downtowngrand.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 18 Nov 2023 22:41:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.downtowngrand.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 47ms
42ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44657735-1&cid=1987188650.1700347269&jid=2036086690&_u=YCDACEAABAAAACAAI~&z=1256222301

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 46ms
44ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-44657735-1&cid=1987188650.1700347269&jid=2036086690&_u=YCDACEAABAAAACAAI~&z=1256222301

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/993669966/ 42 B
108 B 46ms
42ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/993669966/?random=1700347269623&cv=9&fst=1700344800000&num=1&label=3GPhCLrJkQcQzubo2QM&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.downtowngrand.com%2F&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&fmt=3&is_vtc=1&cid=CAQSKQDICaaNNKCikPCFj2AiFoZGirSdW9-2vF5ihqc8pXy2FsxnwJqdmDcy&random=1221711948&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/993669966/ 42 B
64 B 49ms
47ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/993669966/?random=1700347269623&cv=9&fst=1700344800000&num=1&label=3GPhCLrJkQcQzubo2QM&guid=ON&eid=375603260%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.downtowngrand.com%2F&tiba=Downtown%20Grand%20Hotel%20%26%20Casino%20%7C%20Official%20Site&fmt=3&is_vtc=1&cid=CAQSKQDICaaNNKCikPCFj2AiFoZGirSdW9-2vF5ihqc8pXy2FsxnwJqdmDcy&random=1221711948&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:09 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 eyJwYWdlIjoiZG93bnRvd24tZ3JhbmQtaG90ZWwtYW5kLWNhc2lubyIsImlkX3BhZ2UiOjY0ODIyLCJzdWJwYWdlIjpudWxsLCJsb2NhdGlvbiI6ImhvbWUtdjIiLCJnZW8iOm51bGwsImNvdW50cnkiOiJERSIsInN0YXRlIjoiSEUiLCJodHRwUmVmZXJlciI6IiJ9 Show response
api.tambourine.com/api/v1/symphony/popups/1649/getPopupBySiteId/en/false/ 12 KB
4 KB 368ms
261ms XHR
application/json 2606:4700::6812:a453
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tambourine.com/api/v1/symphony/popups/1649/getPopupBySiteId/en/false/eyJwYWdlIjoiZG93bnRvd24tZ3JhbmQtaG90ZWwtYW5kLWNhc2lubyIsImlkX3BhZ2UiOjY0ODIyLCJzdWJwYWdlIjpudWxsLCJsb2NhdGlvbiI6ImhvbWUtdjIiLCJnZW8iOm51bGwsImNvdW50cnkiOiJERSIsInN0YXRlIjoiSEUiLCJodHRwUmVmZXJlciI6IiJ9

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=65593d83d01d1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a453 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

48f428e931a447bd8b7164a812fa4e4ca735086682813351db0bf3c43aa35c23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.downtowngrand.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
cf-ray: 8283b824598ebba4-FRA
x-xss-protection: 1; mode=block
expires: -1

GET
H3 200 429919557162126 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 164ms
162ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/429919557162126?v=2.9.138&r=stable&domain=www.downtowngrand.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b640eee9ac99ce783b859ffeb397578bd20956fbeaa7429ca8d02335bdccd34f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 22:41:09 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: QxS1H55EPS+Z0fYr6srSuyd8PtmGhc3kTrSPVTkgBZ95P4BAoP2352s32Ruuv1hbqPvsm1wxExO+NcYrax0LUw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 123ms
37ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=PageView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347269825&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=0&o=4126&fbp=fb.1.1700347269822.95944695&cs_est=true&ler=empty&it=1700347269608&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 1139938923218787 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 161ms
157ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1139938923218787?v=2.9.138&r=stable&domain=www.downtowngrand.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c7b8b81d828b9e5f17772d762ea291499f8cf39e1953a06f2be0f4ab62f49723

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: Im2IQZ6sPx9a4mncZrgUo/dVGs0vBwK1oY9SNKY9Tod/uFVaNhC7I3f8B/Cdgal/oBE/+w99zdKedbI+2FZNbQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 39ms
34ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=PageView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270028&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 35ms
34ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270029&cd[content_name]=Downtown%20Grand&cd[content_category]=Partner&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=1&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 35ms
34ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270030&cd[content_name]=Downtown%20Grand&cd[content_category]=Partner&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H/1.1 200
OK screen-shot-2022-11-15-at-3_43_40-pm-6373fa0a91898.png
2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com/downtown-grand-hotel-casino/media/ 8 KB
8 KB 213ms
81ms Image
image/png 23.45.238.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com/downtown-grand-hotel-casino/media/screen-shot-2022-11-15-at-3_43_40-pm-6373fa0a91898.png
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.238.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-238-237.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: eed602d79758524d558ed426b06cd885bcf595d46db0ca69f3e6245f1750ce7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 22:41:10 GMT
Last-Modified: Tue, 15 Nov 2022 20:44:00 GMT
ETag: 506015ea10d05e47fb9f46979713bfe7
Content-Type: image/png
X-Timestamp: 1668545039.20264
Cache-Control: public, max-age=226567
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7803
X-Trans-Id: tx7348f9370aee447db501f-0065552ebddfw1
Expires: Tue, 21 Nov 2023 13:37:17 GMT

GET
H/1.1 200
OK 21-downtowngrandhotel-636bdb0e62248.png
2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com/downtown-grand-hotel-casino/media/ 955 KB
955 KB 201ms
66ms Image
image/png 23.45.238.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com/downtown-grand-hotel-casino/media/21-downtowngrandhotel-636bdb0e62248.png
Requested by: Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.238.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-238-237.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9a8ef2cc37370aab28ce8917fa9a7089b9f6e8c7729d6976c1b1d8d191f49da9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sat, 18 Nov 2023 22:41:10 GMT
Last-Modified: Wed, 09 Nov 2022 16:53:38 GMT
ETag: 11c4e75b4acfc09ddde0281f5ae5488e
Content-Type: image/png
X-Timestamp: 1668012817.37025
Cache-Control: public, max-age=227903
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 977721
X-Trans-Id: tx71b568d10c524f11bc1ce-0065552fa9dfw1
Expires: Tue, 21 Nov 2023 13:59:33 GMT

GET
H3 200 1529129437112093 Show response
connect.facebook.net/signals/config/ 133 KB
35 KB 182ms
181ms Script
application/x-javascript 2a03:2880:f080:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1529129437112093?v=2.9.138&r=stable&domain=www.downtowngrand.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f080:9:face:b00c:0:3 Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

418721ff5f4f3f61cca5551c87469d157d2da2bade34ef353b54ab3dbbc8a336

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints
pragma: public
x-fb-debug: 8F+zA+u61b2MImJHWmGDGFWza6qEn0DK8jQV5l53EmfBZxoGGgchInCCdrgB3AjiaLQWN1+BKBw1Fc+K+/DkUg==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=()
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 39ms
38ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1139938923218787&ev=PageView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270210&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
38ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=F%26BLPView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270211&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=2&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
39ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=F%26BLPView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270212&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
39ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1139938923218787&ev=F%26BLPView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270213&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 35ms
35ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529129437112093&ev=PageView&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270421&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.downtowngrand.com
URL: https://www.downtowngrand.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 functions.php Show response
www.downtowngrand.com//ajax/ 70 B
465 B 192ms
191ms XHR
text/html 104.18.160.83
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.downtowngrand.com//ajax/functions.php?operation=_get_form_token

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/assets/js/jquery-3.7.0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.160.83 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56ace70e45c13b7a03caf650ae3ee0df80288af24169d45f84668b724166c4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.downtowngrand.com/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 8283b8295aaf2bca-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 p Show response
i.simpli.fi/ 798 B
760 B 93ms
49ms Script
application/javascript 35.204.89.238
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://i.simpli.fi/p?cid=435919&cb=sifi_att_42656._hp
Requested by: Host: tag.simpli.fi
URL: https://tag.simpli.fi/sifitag/a7872154-b040-42b1-a4f4-3b6f158c6d35
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 35.204.89.238 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 238.89.204.35.bc.googleusercontent.com
Software: openresty /
Resource Hash: e5b4d717b08ce52385c0195e821a37b0295fe0d92d3c5cf47d2fffefbda039b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:10 GMT
content-encoding: gzip
server: openresty
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 37ms
36ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=Search&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270605&cd[Content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=3&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 38ms
36ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=Search&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270605&cd[Content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
36ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1139938923218787&ev=Search&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270606&cd[Content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 39ms
37ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529129437112093&ev=Search&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270608&cd[Content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.138&r=stable&ec=1&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
38ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=463589177315868&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270609&cd[content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.138&r=stable&a=tmgoogletagmanager&ec=4&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
38ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=429919557162126&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270609&cd[content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.138&r=stable&ec=4&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
38ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1139938923218787&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270610&cd[content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.138&r=stable&ec=3&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 40ms
39ms Image
text/plain 2a03:2880:f173:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1529129437112093&ev=ViewContent&dl=https%3A%2F%2Fwww.downtowngrand.com%2F&rl=&if=false&ts=1700347270611&cd[content_type]=hotel&cd[destination]=Las%20Vegas%2C%20Nevada%2C%20US&cd[city]=Las%20Vegas&cd[region]=Nevada&cd[country]=US&sw=1600&sh=1200&v=2.9.138&r=stable&ec=2&o=4126&fbp=fb.1.1700347269822.95944695&ler=empty&it=1700347269608&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f173:81:face:b00c:0:25de Amsterdam, Netherlands, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Sat, 18 Nov 2023 22:41:10 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2

204

/
s.ad.smaato.net/c/
Redirect Chain

https://um.simpli.fi/smaato
https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B0A11139CAD54B099E325EEAD59BA511

0
237 B

153ms
65ms

Image
text/plain

2600:9000:237d:7800:1b:5138:8a40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B0A11139CAD54B099E325EEAD59BA511
Protocol: H2
Server: 2600:9000:237d:7800:1b:5138:8a40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:11 GMT
cache-control: no-cache, must-revalidate
via: 1.1 a79cccd642ddc0038c3b0c4a9e7fcd6c.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: MUC50-P2
x-amz-cf-id: Rwpy4_VdIVdC3U-R9FUFZeK4O7B3WRNX7V8v0KyYh9kLBOIcUJ22CA==
x-cache: Miss from cloudfront

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://s.ad.smaato.net/c/?dspInit=1001136&dspCookie=B0A11139CAD54B099E325EEAD59BA511
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2

200

RX-a8dba6b7-982a-45cf-8442-adfa867214e2-003
sync.targeting.unrulymedia.com/csync/
Redirect Chain

https://um.simpli.fi/nexxen
https://sync.1rx.io/usersync/simplifi/B0A11139CAD54B099E325EEAD59BA511
https://sync.1rx.io/usersync/simplifi/B0A11139CAD54B099E325EEAD59BA511?zcc=1&cb=1700347271001
https://sync.targeting.unrulymedia.com/csync/RX-a8dba6b7-982a-45cf-8442-adfa867214e2-003

43 B
378 B

160ms
43ms

Image
image/gif

46.228.174.117
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.targeting.unrulymedia.com/csync/RX-a8dba6b7-982a-45cf-8442-adfa867214e2-003
Protocol: H2
Server: 46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:11 GMT
content-length: 43
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"

Redirect headers

location: https://sync.targeting.unrulymedia.com/csync/RX-a8dba6b7-982a-45cf-8442-adfa867214e2-003
pragma: no-cache
date: Sat, 18 Nov 2023 22:41:11 GMT
cache-control: no-store, no-cache, must-revalidate
expires: 0
content-type: text/html

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=B0A11139CAD54B099E325EEAD59BA511&dongle=yf3

37 B
140 B

120ms
34ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=7969&xuid=B0A11139CAD54B099E325EEAD59BA511&dongle=yf3
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://eb2.3lift.com/xuid?mid=7969&xuid=B0A11139CAD54B099E325EEAD59BA511&dongle=yf3
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=B0A11139CAD54B099E325EEAD59BA511

43 B
175 B

376ms
118ms

Image
image/gif

2600:1f18:612b:4216:7574:b4b8:a72d:d165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=B0A11139CAD54B099E325EEAD59BA511
Protocol: H2
Server: 2600:1f18:612b:4216:7574:b4b8:a72d:d165 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Sat, 18 Nov 2023 22:41:11 GMT
server: nginx
content-type: image/gif

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://simplifi.partners.tremorhub.com/sync?UISF=B0A11139CAD54B099E325EEAD59BA511
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=B0A11139CAD54B099E325EEAD59BA511
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B0A11139CAD54B099E325EEAD59BA511

95 B
436 B

42ms
41ms

Image
image/png

34.111.113.62
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B0A11139CAD54B099E325EEAD59BA511

Protocol

Server

34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

62.113.111.34.bc.googleusercontent.com

Software

Jetty(11.0.13) /

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:11 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
content-type: image/png
access-control-allow-origin: *
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: Jetty(11.0.13)
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: *
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=B0A11139CAD54B099E325EEAD59BA511
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

empty.gif
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=B0A11139CAD54B099E325EEAD59BA511
https://d.agkn.com/pixel/10751/?che=1700347271031&ip=217.114.218.29&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D218993204704005004936
https://um.simpli.fi/aa_px?sk=218993204704005004936
https://um.simpli.fi/empty.gif

43 B
361 B

42ms
41ms

Image
image/gif

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/empty.gif

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

date: Sat, 18 Nov 2023 22:41:11 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: /empty.gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B0A11139CAD54B099E325EEAD59BA511

0
0

140ms
36ms

Image
text/html

99.84.88.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B0A11139CAD54B099E325EEAD59BA511
Protocol: H2
Server: 99.84.88.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-84-88-13.muc50.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B0A11139CAD54B099E325EEAD59BA511
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 45ms
43ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 45ms
44ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=B0A11139CAD54B099E325EEAD59BA511;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=B0A11139CAD54B099E325EEAD59BA511;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MjEzMjU3NjE0NTY2OTM3NDQ4MQ==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEH2BCGMRTIQEiJvqTncKvP4&google_cver=1

43 B
388 B

46ms
32ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEH2BCGMRTIQEiJvqTncKvP4&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:10 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:11 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEH2BCGMRTIQEiJvqTncKvP4&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=B0A11139CAD54B099E325EEAD59BA511&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=B0A11139CAD54B099E325EEAD59BA511&j=0&xl8blockcheck=1

0
771 B

65ms
64ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=B0A11139CAD54B099E325EEAD59BA511&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:11 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Sat, 18 Nov 2023 22:41:11 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=B0A11139CAD54B099E325EEAD59BA511&j=0&xl8blockcheck=1
content-type: image/gif
cache-control: no-cache
access-control-allow-credentials: true
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 46ms
44ms Image
image/gif 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=B0A11139CAD54B099E325EEAD59BA511

0
421 B

520ms
123ms

Image
text/plain

52.22.242.5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=B0A11139CAD54B099E325EEAD59BA511
Protocol: HTTP/1.1
Server: 52.22.242.5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-242-5.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Sat, 18 Nov 2023 22:41:11 GMT

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://sync.bfmio.com/sync?pid=141&uid=B0A11139CAD54B099E325EEAD59BA511
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2

200

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=B0A11139CAD54B099E325EEAD59BA511

62 B
444 B

305ms
189ms

Image
image/gif

69.192.160.219
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=B0A11139CAD54B099E325EEAD59BA511
Protocol: H2
Server: 69.192.160.219 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-160-219.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Sat, 18 Nov 2023 22:41:11 GMT
content-length: 62
content-type: image/gif

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://stags.bluekai.com/site/29931?id=B0A11139CAD54B099E325EEAD59BA511
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2

404

tpid=B0A11139CAD54B099E325EEAD59BA511
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B0A11139CAD54B099E325EEAD59BA511

49 B
266 B

193ms
57ms

Image
image/gif

176.34.182.11
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B0A11139CAD54B099E325EEAD59BA511
Protocol: H2
Server: 176.34.182.11 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-176-34-182-11.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:11 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.14.145
content-length: 49
expires: 0

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B0A11139CAD54B099E325EEAD59BA511
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=B0A11139CAD54B099E325EEAD59BA511

0
311 B

164ms
58ms

Image
text/plain

216.52.2.30
SINGLEHOP-LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=B0A11139CAD54B099E325EEAD59BA511
Protocol: HTTP/1.1
Server: 216.52.2.30 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Expires: Fri, 20 Mar 2009 00:00:00 GMT
Pragma: no-cache
Date: Sat, 18 Nov 2023 22:41:11 GMT
X-MERGE: GDPR Optout true
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap6ams1
P3P: CP="CUR ADM OUR NOR STA NID"

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://ce.lijit.com/merge?pid=2&3pid=B0A11139CAD54B099E325EEAD59BA511
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=B0A11139CAD54B099E325EEAD59BA511

0
98 B

121ms
42ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=B0A11139CAD54B099E325EEAD59BA511
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:11 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://idsync.rlcdn.com/419566.gif?partner_uid=B0A11139CAD54B099E325EEAD59BA511
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H3

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1700347270668&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1058792767&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&ocp_id=...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1058792767&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIge_Dm...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1058792767&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIge_DmM...

42 B
64 B

43ms
42ms

Image
image/gif

2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1058792767&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIge_DmM_OggMVtov9Bx3lBQMu&is_vtc=1&ocp_id=hj1ZZYGULLaX9u8P5YuM8AI&cid=CAQSKQDICaaNjxxjsyLkuXJPUKxQuHAWslZCDCPThZYGIuRgavwav577FSp_&random=3167506647&ipr=y

Protocol

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1058792767&cv=7&fst=1700347270668&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ct_cookie_present=false&sscte=1&crd=&pscrd=IhMIge_DmM_OggMVtov9Bx3lBQMu&is_vtc=1&ocp_id=hj1ZZYGULLaX9u8P5YuM8AI&cid=CAQSKQDICaaNjxxjsyLkuXJPUKxQuHAWslZCDCPThZYGIuRgavwav577FSp_&random=3167506647&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 spotx_match
um.simpli.fi/ 0
272 B 62ms
60ms Image
text/plain 34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/spotx_match

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods: GET, POST, OPTIONS

GET
H2

200

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=B0A11139CAD54B099E325EEAD59BA511
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB0A11139CAD54B099E325EEAD59BA511

43 B
895 B

38ms
38ms

Image
image/gif

37.252.171.21
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB0A11139CAD54B099E325EEAD59BA511

Protocol

Server

37.252.171.21 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:11 GMT
an-x-request-uuid: e450bade-36e9-4b60-ade8-90b4519c0e53
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:11 GMT
an-x-request-uuid: 4dfb3c45-fa76-4791-9799-a71d8290c034
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DB0A11139CAD54B099E325EEAD59BA511
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.29; 217.114.218.29; 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B0A11139CAD54B099E325EEAD59BA511&expires=365

0
239 B

182ms
33ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B0A11139CAD54B099E325EEAD59BA511&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=B0A11139CAD54B099E325EEAD59BA511&expires=365
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=B0A11139CAD54B099E325EEAD59BA511

43 B
264 B

127ms
43ms

Image
image/gif

34.98.64.218
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=B0A11139CAD54B099E325EEAD59BA511
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:11 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=B0A11139CAD54B099E325EEAD59BA511
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 17 Nov 2023 22:41:10 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEBXooz35RG0PfQYT2je-Ne4&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=B0A11139CAD54B099E325EEAD59BA511
https://um.simpli.fi/g_match?id=

0
320 B

42ms
41ms

Image
text/plain

34.91.62.186
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

186.62.91.34.bc.googleusercontent.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.downtowngrand.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 22:41:10 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Fri, 17 Nov 2023 22:41:10 GMT

Redirect headers

pragma: no-cache
date: Sat, 18 Nov 2023 22:41:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://um.simpli.fi/g_match?id=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

133 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.downtowngrand.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 57qmd3hc3cud5auqr00orl19h9
www.downtowngrand.com/	1970-01-20 17:02:19	Name: ACCEPT_WEBP Value: true
.downtowngrand.com/	1970-01-20 18:28:43	Name: _gcl_au Value: 1.1.1920684521.1700347269
.downtowngrand.com/	1970-01-21 01:55:07	Name: _ga_8KQVZFDT29 Value: GS1.1.1700347269.1.0.1700347269.60.0.0
.simpli.fi/	1970-01-21 01:06:09	Name: suid Value: B0A11139CAD54B099E325EEAD59BA511
.downtowngrand.com/	1970-01-21 01:55:07	Name: _ga Value: GA1.2.1987188650.1700347269
.downtowngrand.com/	1970-01-20 16:20:33	Name: _gid Value: GA1.2.2144492520.1700347269
.downtowngrand.com/	1970-01-20 16:19:07	Name: _gat_UA-44657735-1 Value: 1
.downtowngrand.com/	1970-01-21 01:55:07	Name: nmstat Value: f78cc32a-6a9e-90a6-da75-fdf06bfdb6ce
.downtowngrand.com/	1970-01-20 16:20:33	Name: _uetsid Value: 918204e0866311ee8c4d7d59dafe98a2
.downtowngrand.com/	1970-01-21 01:40:43	Name: _uetvid Value: 9182a9c0866311eebef61b17a77518e8
.doubleclick.net/	1970-01-21 01:40:43	Name: IDE Value: AHWqTUmsyxOYFrlK1Be2dT2T8ff2B78L6tUOd8EdohRokADmJUjePgpOZ-ZP4My7
.bing.com/	1970-01-21 01:40:43	Name: MUID Value: 19C24FC556696CE615BB5C0857E26D14
6119418.global.siteimproveanalytics.io/	1970-01-20 16:29:12	Name: AWSALBCORS Value: P/QIbnCUM+bMrRnrW8KnnIaiXv2vLrp2SPubuIYV25qq5KfOava3Nn32hEQZzOgvZaQ4Pxq4nMVHU4mNezmXsZG4yGQNf/vaBc/MP+nXjkJHRjsK+lFkFuGCpiQi
.downtowngrand.com/	1970-01-20 18:28:43	Name: _fbp Value: fb.1.1700347269822.95944695
.simpli.fi/	1970-01-20 16:29:12	Name: uid_syncd_secure Value: true
www.downtowngrand.com/	1970-01-20 16:29:12	Name: AWSALB Value: aKR0R9j0cKXly0OuykExlSt/krPQPYEZEpBb68eFPxk9gmIRyRySxrz2WF+iwJsQJT4E5Xv6jIZNwLM90R/7QQfeo18G8IvoV70ET84s/ctneubLG0xQoFGQTYG5
.tapad.com/	1970-01-20 17:45:31	Name: TapAd_TS Value: 1700347270971
.tapad.com/	1970-01-20 17:45:31	Name: TapAd_DID Value: 0d2fc6b1-3d3e-42d6-a180-62a7c2982763
.1rx.io/	1970-01-21 01:04:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a8dba6b7-982a-45cf-8442-adfa867214e2-003%22%7D
.tapad.com/	1970-01-20 17:45:31	Name: TapAd_3WAY_SYNCS Value:
.agkn.com/	1970-01-21 01:04:43	Name: ab Value: 0001%3Axev9EIEsbQmIFVyZlxT0A%2BNuFbzWve94
.pro-market.net/	1970-01-20 17:02:19	Name: anHistory Value: "g7a75gin5mvl+2+!#7%.%[#_dq"
.adnxs.com/	1970-01-20 18:28:43	Name: uuid2 Value: 7871560845071689979
.adnxs.com/	1970-01-20 18:28:43	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2Hc'rKv:l!@wnfH8KW.dG5<#Z?TsFFT?)rH!G@QDZ]s8CyspCGm5mw%OTBR6PYo+%JOmc_EQE1.g4dkXstGt!@CZR)h`5V
.exelator.com/	1970-01-20 19:11:55	Name: EE Value: "65ecb522d711eae27cbb25ba14f97af9"
.pro-market.net/	1970-01-20 20:38:19	Name: anProfile Value: "g7a75gin5mvl+1+1f=1+1g=1+1j=41+rs=s+rt=20011B60000202403247000000000012+s2=(s4cccn)+vm=24-B0A11139CAD54B099E325EEAD59BA511:53-CAESEH2BCGMRTIQEiJvqTncKvP4"
.targeting.unrulymedia.com/	1970-01-21 01:04:43	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-a8dba6b7-982a-45cf-8442-adfa867214e2-003%22%7D
.agkn.com/	1970-01-21 01:04:43	Name: u Value: C\|0AAAAAAAALOv6BwAAAAAA
.exelator.com/	1970-01-20 19:11:55	Name: ud Value: "eJxrXxzq6XKLQcHMNDU5ydTIKMXc0DA1MdXIPDkpycg0KdHQJM3SPDHNcnFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQckl%252BUWb6IhfXxUUpaQyLSopPBR%252F95AMA0HgrJg%253D%253D"
.bluekai.com/	1970-01-20 20:41:12	Name: bku Value: blx99/z2VVPwasGr
.bluekai.com/	1970-01-20 20:41:12	Name: bkpa Value: KJy9nyexd02pSUHknp/8mE1hwtkAwD/yxEWh1E18x6aWBEHY1eA8HE10BDPaxDxNmDJOBEWh9y97fxri
.bfmio.com/	1970-01-21 01:04:43	Name: __141_cid Value: B0A11139CAD54B099E325EEAD59BA511
.bfmio.com/	1970-01-21 01:04:43	Name: __io_cid Value: 76766b132486c9e3fda70666fe8f13cfc5ff4f6c

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googleadservices.com/pagead/conversion.js(Line 29) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=B0A11139CAD54B099E325EEAD59BA511 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=B0A11139CAD54B099E325EEAD59BA511 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=B0A11139CAD54B099E325EEAD59BA511 Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com
6119418.global.siteimproveanalytics.io
aa.agkn.com
api.tambourine.com
app.termly.io
bat.bing.com
bcp.crwdcntrl.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
contact-api.inguest.com
d.agkn.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
forge.gtsgapps.com
frontend.cdn.tambourine.com
frontend.tambo.site
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
loadm.exelator.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.tapad.com
region1.analytics.google.com
s.ad.smaato.net
simplifi.partners.tremorhub.com
siteimproveanalytics.com
stags.bluekai.com
static.cloudflareinsights.com
stats.g.doubleclick.net
symphony.cdn.tambourine.com
sync.1rx.io
sync.bfmio.com
sync.intentiq.com
sync.targeting.unrulymedia.com
tag.simpli.fi
um.simpli.fi
us-u.openx.net
widgets.gtsgig.com
www.downtowngrand.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.thehotelsnetwork.com
104.18.160.83
13.248.245.213
142.250.185.98
176.34.182.11
18.173.187.96
18.196.55.188
2001:4860:4802:32::36
216.52.2.30
216.58.212.130
23.45.238.237
2600:1901:0:8eee::
2600:1f18:612b:4216:7574:b4b8:a72d:d165
2600:9000:225b:7600:b:4a4a:a7c0:93a1
2600:9000:225b:fc00:1:279d:1d40:93a1
2600:9000:237d:7800:1b:5138:8a40:93a1
2600:9000:26da:da00:5:8193:8e40:93a1
2606:4700::6810:3965
2606:4700::6810:c218
2606:4700::6811:180e
2606:4700::6811:4416
2606:4700::6812:a453
2606:4700:e2::ac40:8a05
2620:1ec:c11::200
2a00:1450:4001:803::200a
2a00:1450:4001:808::2008
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:81c::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2004
2a00:1450:400c:c0a::9d
2a03:2880:f080:9:face:b00c:0:3
2a03:2880:f173:81:face:b00c:0:25de
2a06:98c1:3121::3
3.123.116.199
34.111.113.62
34.254.143.3
34.91.62.186
34.98.64.218
35.204.89.238
35.244.174.68
35.71.131.137
37.252.171.21
44.238.236.15
46.228.174.117
52.213.93.159
52.22.242.5
69.173.144.139
69.192.160.219
99.84.88.13
00d01fa752d34b595b0c92033b9293ea8fd6b8ec885c74c49aa7ab3df1f404ea
052e58079bc72cbc064ece64e0df1af113fbb15d92fc3aa6c42596d0d5ffed9d
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0d2ee4279a4f1fc8a8cc11ac8429cb6d1bafe8620b624d03a8c1c1dce9761d14
0fd5868efc58d9b51655eb5f629ee84141c7c02bc31ae19aa597d66ff4f0af07
1e3ceb99e33b0f3d149b7d617b24a487d07fe7595aa24d04a7f45a0312b0654c
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
2509d72c909ca295be6de16785fa2469e44c12509215bcc1a4ca519efb86343c
261af33a9473a00060eb68205416b510175f79556702475dd9aba2f75482579e
27477cae35fa16324eb29e830c181ad33340f63cea5f3623d5428adc9198aa34
2bdf45991a04b483a043c9c12f89c6d3498c98d5cd6bd50cf5670a5563dd346f
2c67a07118d1af64f10aaeec8657870df333c1b2e40199d02a0a5a376c9a031c
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fbc531e621926042d494337839c3ec75dfd9ff7080e48314abc60585f09594c
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
34eace17373618f0ef6ad0052c607c2b3a6c02af6a6e0a1d16fa15efb97c139d
361458538f88fca10e7a4dc155c381cd418f3edf008c7a8428a08544650d91c1
3af3d891e8c7dae56c3822e4c10eef6afe17fac5b65383d3e06f34e85811c6a9
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
418721ff5f4f3f61cca5551c87469d157d2da2bade34ef353b54ab3dbbc8a336
41931a1c11d708c1ad5d998be5dc8a95ff22b1d57a2815e828b3abf00b575ac4
42cfb18fd21c02a1ceae279c33456cc7c90b55181e58728cb8961f599cddfe79
442774d07bbaa960a3c59d71dba519c98403ad4af361feb3612185eba55b3e99
44fc462799839c3cd6ef6a53f2d92b7c586edf219e4434d7b829f3d15f642af3
454ac6445a518db55bd064f5923cdea9a99337e3d936745ca47b088a729aac6f
48f428e931a447bd8b7164a812fa4e4ca735086682813351db0bf3c43aa35c23
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
56a3cd98d36ec4692f4113bc989ca4997ac45a411e7b13ed7ff4abd31dbf1589
56ace70e45c13b7a03caf650ae3ee0df80288af24169d45f84668b724166c4ae
56e9e5727e855ffda18db1c13b26eb33a9288289a3a8119f19f6f72f53df0bc6
5c5c3d76cb0beb426e085fa5de4bfd09dd1c73854668723b5b1d12fb1c75f67a
5e319852607809336b2534ffeb96f6933f26994dd040f535302c84f59cc0a214
6123bcba0dee5f039a3396930d04e017d752851fa3bbcde2c7f44e331cc33e96
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
664af93825bc4a441e30b57b2261a9c560460f35d25bcb419517dacaec5d7d9c
6c3b62e4d046236c0ca75b2ce0ed55e6edf3f272cf50ecfdd7db985d019afb39
6feb3bf4c8fa0f094566bc6405d6dd28b6bc89b977aa6c55a65b4b826d11f8df
704519bb19f37f802ae6c1b1a9bff22b8c67cc797650cc8c33c353d23837b254
783f375222f2fbbea6a7e707fae770d19daf9f377bfbe68480d77b95901f2067
8167d73d3ce99729756e5a24b0b536931031a55bce60e09afc703df6d4e7d096
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
886915e7d408d04a6c7b4ec0ca3879ce8f206d7f99b5ff26b142f0085c64eee1
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dfd83d6d0d3fed4db84ab8cd0338a473dfa90ed81e7da2e2a8f3d91d96b5bd6
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
94be68ff19b51715111d9be8bb85d7d688fdc0e60f6b3d1db011d1ea86263207
9a8ef2cc37370aab28ce8917fa9a7089b9f6e8c7729d6976c1b1d8d191f49da9
9c0a5bf71b72e7a9dc2295f073f24bd1dc8c7c933bc4291930042fdd0a5fbd30
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a9be58b47b02992d6a87560e738e35b2b5a0ef1493462dbd3c95b30d275a4812
acca2ce795ec76be5166a6f07ca71c7a760816fda9e87281fde99da7fdf13f30
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b35add0e1ee39219484345bc3e4d8400acf5a87c1c9e54221625563d9b42f4e0
b3a5c47d1cbb92f58db0c0e7e4b133acf2e4ad303b401b1891fd5d6f322d4e0b
b640eee9ac99ce783b859ffeb397578bd20956fbeaa7429ca8d02335bdccd34f
b8f77949fc421e35a1f82edca013fab07e0d5e670e4ceeedee293168f5d68878
bae30756ee6a739a884c7155c589b8fa38f9a71e16003ea94c6163ae6f37cce9
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcb2ca1e71af730d09bf7cff563554c703a4b91e8128a63e0baa6beb39d3ac39
c642713699195abd5da92f5f2407f3866a5b9abedef20ada8c07041625fcb790
c7b8b81d828b9e5f17772d762ea291499f8cf39e1953a06f2be0f4ab62f49723
c94f080a550a1f2d4fe07d371969b7a40c01606bd5624e8c03c976cbf5e06058
cec74c749d7ad020709a3fe9cf5578887303df50b17fefd2774e324567acd7a1
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00ddd77a7d38f8ee326c283ef0f70dcb54fccf875aa569b4d78fb5b7eeb1605
d01872f15ee302647bffbca25f61745c27fda2463b3cf7e191a7d30d69d99a06
d19779e3ddf8ff4e121d695cd3ddd7ab6ced1d52751a212e2add40934e601b98
d2b43bc0f42742eda128231f424887d48850c75c7528f564e924ef9ab14d417a
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
dc1d5b9636d8b656b01e0bfc1de9f9c93a79d035821e0e6f484784ebce01d8d9
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00e800c8cd3187727b992b8d7eaa1853abdd42723fc11cd45bfd2022259a54a
e3a1c18e2bec0bc65946162f823325bc50ea31bee334636f44aa2687d9356b50
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b4d717b08ce52385c0195e821a37b0295fe0d92d3c5cf47d2fffefbda039b6
eccb5640ed07154529342801fe9ed1dc42ee6831e30731ff9e175c5b10ba97b6
ed9e18d826cf8102bbc89fdc06753014ff5b79e5a5f9c665cb32a68c3619cee8
eeac74d60f364513e94dcefa946273da1c8fe52f32141f5bff7f8b5773f0a20e
eed602d79758524d558ed426b06cd885bcf595d46db0ca69f3e6245f1750ce7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efb20a60bf8a76de2a1cff4fe7d564cfdc5ed46eb576a0aadfe7e2824a89d1fd
fa575bc77a75c441e90ed01f4e90d82bcc468f934ca79cd069904922f8ec7308
fc31c7d2528b2a0202c7c64bc976929288fc02caf7312171993ba8137cbfcf2e
fcf3d11b295c3fb16faea75f092b8722141be082dc0d7689b6bc6d8f7b4cf054

www.downtowngrand.com Open in urlscan Pro 104.18.160.83 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

128 Requests

84 %HTTPS

50 %IPv6

44 Domains

53 Subdomains

47 IPs

7 Countries

11527 kBTransfer

13471 kBSize

34 Cookies

18 Outgoing links

Page URL History

Redirected requests

128 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.downtowngrand.com Open in urlscan Pro
104.18.160.83 Public Scan

Screenshot
Live screenshot

Full Image

128
Requests

84 %
HTTPS

50 %
IPv6

44
Domains

53
Subdomains

47
IPs

7
Countries

11527 kB
Transfer

13471 kB
Size

34
Cookies

128 HTTP transactions
2 data transactions