online.foxwoods.com Open in urlscan Pro
13.225.78.124 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://foxwoods.onelink.me/1911936602?pid=email&c=strikeitgold2021&af_dp=bbefox9CBC304F://&af_web_dp=http://online.foxwoods...
Effective URL:
https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Submission: On May 08 via manual (May 8th 2021, 5:26:25 pm UTC) from US

Summary HTTP 113 Redirects Behaviour Indicators

Summary

This website contacted 27 IPs in 6 countries across 24 domains to perform 113 HTTP transactions. The main IP is 13.225.78.124, located in United States and belongs to AMAZON-02, US. The main domain is online.foxwoods.com.
TLS certificate: Issued by Amazon on April 4th 2021. Valid for: a year.

This is the only time online.foxwoods.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2.16.107.153 2.16.107.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 16	13.225.78.124 13.225.78.124	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
2	65.9.73.51 65.9.73.51	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba1a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (HIGHWINDS3) (HIGHWINDS3)
1	151.101.112.65 151.101.112.65	54113 (FASTLY) (FASTLY)
1	18.202.159.25 18.202.159.25	16509 (AMAZON-02) (AMAZON-02)
10 13	34.243.193.207 34.243.193.207	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
4	54.242.87.51 54.242.87.51	14618 (AMAZON-AES) (AMAZON-AES)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	142.250.184.230 142.250.184.230	15169 (GOOGLE) (GOOGLE)
14	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 2	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
1 2	37.252.173.22 37.252.173.22	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	44.237.170.186 44.237.170.186	16509 (AMAZON-02) (AMAZON-02)
113	27

1 2.16.107.153 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

foxwoods.onelink.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 13.225.78.124 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-124.fra2.r.cloudfront.net

online.foxwoods.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.73.51 (United States)

ASN16509 (AMAZON-02, US)

cdn.appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba1a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.112.65 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.159.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-159-25.eu-west-1.compute.amazonaws.com

prod.webpu.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.243.193.207 (Dublin, Ireland) 10 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-193-207.eu-west-1.compute.amazonaws.com

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.242.87.51 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-242-87-51.compute-1.amazonaws.com

api.foxwoods.blueboxengine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.230 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net

10656469.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:26f0:6c00::210:ba2a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.22 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:28d::19fd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.237.170.186 (Boardman, United States)

ASN16509 (AMAZON-02, US)

col.eum-appdynamics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	foxwoods.com 1 redirects online.foxwoods.com	5 MB
15	typekit.net use.typekit.net p.typekit.net	312 KB
13	prfct.co 10 redirects pixel-geo.prfct.co	5 KB
6	doubleclick.net 3 redirects 10656469.fls.doubleclick.net cm.g.doubleclick.net stats.g.doubleclick.net	3 KB
5	facebook.com www.facebook.com	647 B
4	facebook.net connect.facebook.net	161 KB
4	blueboxengine.com api.foxwoods.blueboxengine.com	859 B
4	google-analytics.com www.google-analytics.com	19 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	31 KB
2	google.de adservice.google.de	1 KB
2	google.com adservice.google.com	1 KB
2	adnxs.com 1 redirects secure.adnxs.com	2 KB
2	openx.net 1 redirects us-u.openx.net	472 B
2	appdynamics.com cdn.appdynamics.com	43 KB
1	eum-appdynamics.com col.eum-appdynamics.com	1 KB
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	yahoo.com ads.yahoo.com	445 B
1	twitter.com analytics.twitter.com	585 B
1	webpu.sh prod.webpu.sh	21 KB
1	marinsm.com tag.marinsm.com	4 KB
1	jquery.com code.jquery.com	8 KB
1	createjs.com code.createjs.com	48 KB
1	googletagmanager.com www.googletagmanager.com	33 KB
1	onelink.me 1 redirects foxwoods.onelink.me	189 B
113	24

	Domain	Requested by
16	online.foxwoods.com	1 redirects online.foxwoods.com
14	use.typekit.net	online.foxwoods.com
13	pixel-geo.prfct.co	10 redirects online.foxwoods.com
5	www.facebook.com	connect.facebook.net online.foxwoods.com
4	10656469.fls.doubleclick.net	2 redirects www.googletagmanager.com
4	connect.facebook.net	online.foxwoods.com connect.facebook.net
4	api.foxwoods.blueboxengine.com	cdn.appdynamics.com
4	www.google-analytics.com	online.foxwoods.com cdn.appdynamics.com
2	adservice.google.de	adservice.google.com
2	adservice.google.com	10656469.fls.doubleclick.net
2	secure.adnxs.com	1 redirects online.foxwoods.com
2	us-u.openx.net	1 redirects online.foxwoods.com
2	cdn.appdynamics.com	online.foxwoods.com cdn.appdynamics.com
2	fonts.googleapis.com	online.foxwoods.com
1	col.eum-appdynamics.com	cdn.appdynamics.com
1	p.typekit.net	online.foxwoods.com
1	stats.g.doubleclick.net	cdn.appdynamics.com
1	cm.g.doubleclick.net	1 redirects
1	pixel.rubiconproject.com	online.foxwoods.com
1	ads.yahoo.com	online.foxwoods.com
1	analytics.twitter.com	online.foxwoods.com
1	prod.webpu.sh	online.foxwoods.com
1	tag.marinsm.com	online.foxwoods.com
1	code.jquery.com	online.foxwoods.com
1	code.createjs.com	online.foxwoods.com
1	ajax.googleapis.com	online.foxwoods.com
1	www.googletagmanager.com	online.foxwoods.com
1	foxwoods.onelink.me	1 redirects
113	28

This site contains no links.

Subject Issuer	Validity	Valid
online.foxwoods.com Amazon	`2021-04-04` - `2022-05-03`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.appdynamics.com DigiCert SHA2 Secure Server CA	`2020-05-17` - `2021-07-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh
jquery.org Sectigo RSA Domain Validation Secure Server CA	`2020-10-06` - `2021-10-16`	a year	crt.sh
tag.marinsm.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-03-22` - `2022-04-23`	a year	crt.sh
webpu.sh R3	`2021-03-18` - `2021-06-16`	3 months	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
api.use1.greentubepro.com Amazon	`2020-12-06` - `2022-01-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
use.typekit.net DigiCert SHA2 Secure Server CA	`2020-01-28` - `2022-02-01`	2 years	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-04-26` - `2021-06-16`	2 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.typekit.net DigiCert SHA2 Secure Server CA	`2019-12-06` - `2021-12-10`	2 years	crt.sh
*.eum-appdynamics.com DigiCert SHA2 Secure Server CA	`2020-05-10` - `2021-07-15`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Frame ID: EF5563EAFBAB5B22E7FFA85773DC1A23
Requests: 105 HTTP requests in this frame

Frame: https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
Frame ID: 2FE12CA45440A8FC7D28101A1BEBF412
Requests: 1 HTTP requests in this frame

Frame: https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
Frame ID: 8D91E3B8844E101476BA6527058B5C5E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
Frame ID: 3FEB97197D1ACA90442E92A64B2DAF75
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
Frame ID: D8311DEF122AA6834EB84B31B70D5266
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
Frame ID: 250B2663DEC24CABFCF7DC95F0B27F80
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
Frame ID: 3EA799F2A01E4A08B0B6EBB4A4DAC413
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://foxwoods.onelink.me/1911936602?pid=email&c=strikeitgold2021&af_dp=bbefox9CBC304F://&af_web_dp=ht... HTTP 302
http://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campa... HTTP 301
https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campa... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Page Statistics

113
Requests

65 %
HTTPS

50 %
IPv6

24
Domains

28
Subdomains

27
IPs

6
Countries

5437 kB
Transfer

9694 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://foxwoods.onelink.me/1911936602?pid=email&c=strikeitgold2021&af_dp=bbefox9CBC304F://&af_web_dp=http://online.foxwoods.com&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021 HTTP 302
http://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021 HTTP 301
https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13

https://pixel-geo.prfct.co/tagjs?a_id=59037&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=59037&source=js_tag

Request Chain 20

https://10656469.fls.doubleclick.net/activityi;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021 HTTP 302
https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021

Request Chain 21

https://10656469.fls.doubleclick.net/activityi;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021 HTTP 302
https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021

Request Chain 73

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://pixel-geo.prfct.co/cs/?check_cookie=1&partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_b6itlNufK0YLnQOQD

Request Chain 74

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://pixel-geo.prfct.co/cs/?check_cookie=1&partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_b6itlNufK0YLnQOQD&sigv=1&esig=2~f1bad8fbdc7b832130cdb530c3b21113f8806ffd

Request Chain 75

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://pixel-geo.prfct.co/cs/?check_cookie=1&partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_b6itlNufK0YLnQOQD HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_b6itlNufK0YLnQOQD

Request Chain 76

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel-geo.prfct.co/cs/?check_cookie=1&partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_b6itlNufK0YLnQOQD

Request Chain 77

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfYjZpdGxOdWZLMFlMblFPUUQ HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 79

https://secure.adnxs.com/seg?t=2&add=5002402 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D5002402

113 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
online.foxwoods.com/
Redirect Chain

https://foxwoods.onelink.me/1911936602?pid=email&c=strikeitgold2021&af_dp=bbefox9CBC304F://&af_web_dp=http://online.foxwoods.com&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
http://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

5 KB
5 KB

531ms
221ms

Document
text/html

13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 042f24e48ddd16307381cb6fd454704e23e9072d4b12364f06b121b3b3b9d58c

Request headers

:method: GET
:authority: online.foxwoods.com
:scheme: https
:path: /?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: text/html
content-length: 4629
server: nginx
date: Sat, 08 May 2021 17:26:04 GMT
last-modified: Mon, 08 Mar 2021 19:52:42 GMT
etag: "6046808a-1215"
expires: Sat, 08 May 2021 17:26:04 GMT
cache-control: max-age=0 no-cache, no-store, must-revalidate
pragma: no-cache
accept-ranges: bytes
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-amz-cf-id: TwoYEgBxu9zn14Us2kUPdxBq6oiEEL1h8mofSKUoaMs-UR5oG3dgCg==

Redirect headers

Server: CloudFront
Date: Sat, 08 May 2021 17:26:04 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
X-Cache: Redirect from cloudfront
Via: 1.1 999a435eb37a050d3de26fe63534c416.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA2-C2
X-Amz-Cf-Id: _1y6ChmsHs_ezdWI7YATgouBNo3XZ9E8qGahCqWSjt9Hxf9jWdphDg==

GET
H3-29 200 css
fonts.googleapis.com/ 10 KB
772 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:light,normal,semi-bold,bold,extra-bold

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

586341b2e23993a5c8d45db157b5e2d287121303d207cddf4139a0e06c3b866d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 08 May 2021 17:26:04 GMT
server: ESF
date: Sat, 08 May 2021 17:26:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 May 2021 17:26:04 GMT

GET
H2 200 adrum-4.5.0.773.js Show response
cdn.appdynamics.com/adrum/ 65 KB
24 KB 154ms
78ms Script
application/javascript 65.9.73.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum/adrum-4.5.0.773.js
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 14a806b8e455dcc19500055370d9972233470b28bd0cd5c81ece4bd115267faa

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 00:47:32 GMT
content-encoding: gzip
age: 2479112
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 14 May 2018 17:54:17 GMT
server: nginx/1.16.1
etag: W/"5af9cd49-102a3"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: 79sszA6j_jTtuR8iQiTb06-GmRRTTKzePU56WhxzZzvSER6fjLrC7Q==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 81 KB
33 KB 37ms
36ms Script
application/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-10656469

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7145d40f877f4b1a24bbba198452e40a8b93eca5aa3ee897066d3eaf5fcf92bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:05 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33290
x-xss-protection: 0
last-modified: Sat, 08 May 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 08 May 2021 17:26:05 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 1023 B
426 B 23ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3d020254e1f6b6e7306ee1fa0f0debd31b1d574fdb1df47145eec2e605f47d46

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 08 May 2021 16:38:36 GMT
server: ESF
date: Sat, 08 May 2021 17:26:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 08 May 2021 17:26:04 GMT

GET
H2 200 loader.css
online.foxwoods.com/ 984 B
890 B 31ms
31ms Stylesheet
text/css 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.foxwoods.com/loader.css
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 4375ddc74918a4af9f36da38da0e683d8984135d82df39424cd974bc496d8791

Request headers

:path: /loader.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 00:48:47 GMT
content-encoding: gzip
age: 59837
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 08 Mar 2021 19:52:30 GMT
server: nginx
etag: W/"6046807e-3d8"
vary: Accept-Encoding
content-type: text/css
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: QuDEYuZj56uPHURVDXqxrRq8T-HYxYzsCbZOZku17YI8-VHcwQgugw==
access-control-allow-method: GET, POST

GET
H2 200 fw_oc_logo_1.png
online.foxwoods.com/app/images/general/ 25 KB
26 KB 71ms
70ms Image
image/png 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.foxwoods.com/app/images/general/fw_oc_logo_1.png
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 1333f49019d3a62a3294b31e24adde92d2f7cee3374ac78744cd682f5200574b

Request headers

:path: /app/images/general/fw_oc_logo_1.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 00:48:47 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 59838
x-cache: Hit from cloudfront
content-length: 25751
last-modified: Thu, 15 Oct 2020 21:03:27 GMT
server: nginx
etag: "5f88b91f-6497"
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: rTeuvelwjs_P9zZAyX2hPFraGfe3qZJXWTGBvLePeQoyzbU9qUPIvw==
access-control-allow-method: GET, POST

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.2.0/ 84 KB
29 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.2.0/jquery.min.js

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 05 May 2021 09:04:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 289301
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30089
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 May 2022 09:04:23 GMT

GET
H2 200 createjs-2015.11.26.min.js Show response
code.createjs.com/ 186 KB
48 KB 34ms
19ms Script
text/javascript 2a02:26f0:6c00::210:ba1a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/createjs-2015.11.26.min.js
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00::210:ba1a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: 575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:04 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 08 May 2021 17:41:04 GMT

GET
H2 200 environment.js Show response
online.foxwoods.com/ 66 B
567 B 66ms
66ms Script
application/javascript 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.foxwoods.com/environment.js
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: da010baefe5a824ca7f3c77f6a1c13dc57e10031008c55fdaeae8a9292d812b4

Request headers

:path: /environment.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 00:48:47 GMT
content-encoding: gzip
age: 59836
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 15 Oct 2020 18:42:09 GMT
server: nginx
etag: W/"5f889801-42"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: nCkA1ZRxJP8n9d2L744En---u6WWdJLQlQKcaLIR7X7BnltL0q0syw==
access-control-allow-method: GET, POST

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.11.4/themes/smoothness/ 34 KB
8 KB 24ms
8ms Stylesheet
text/css 2001:4de0:ac18::1:a:1b
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.11.4/themes/smoothness/jquery-ui.css
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:05 GMT
content-encoding: gzip
last-modified: Wed, 11 Mar 2015 13:03:17 GMT
server: nginx
etag: W/"55003d15-898c"
vary: Accept-Encoding
x-hw: 1620494765.dop102.fr8.t,1620494765.cds252.fr8.hc,1620494765.cds006.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8056

GET
H2 200 bundle.js Show response
online.foxwoods.com/build/f553f825/ 4 MB
1 MB 70ms
69ms Script
application/javascript 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.foxwoods.com/build/f553f825/bundle.js
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 1aa44450b546a769cc22d669bb91a5b40a3095a7b4f8e4bef8ee56a0536cb58f

Request headers

:path: /build/f553f825/bundle.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 20:03:41 GMT
content-encoding: gzip
age: 76944
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 08 Mar 2021 19:52:34 GMT
server: nginx
etag: W/"60468082-463240"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: n_ikjjC9R9Dsrk_WgpBTNwYkXMwWPyApXRZAsKvIvUiIXOfOZMYpEA==
access-control-allow-method: GET, POST

GET
H/1.1 200
OK 56fc572f5e616adb2e000056.js Show response
tag.marinsm.com/serve/ 12 KB
4 KB 1043ms
948ms Script
text/javascript 151.101.112.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/56fc572f5e616adb2e000056.js

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.112.65 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

7826903e63223938df197d806488071207cc1711ce998ee3095670ebfa96eee5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 08 May 2021 17:26:05 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 0
X-Cache: MISS
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 4142
X-Served-By: cache-hhn4052-HHN
Server: Cowboy
X-Timer: S1620494765.209992,VS0,VE202
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H/1.1 200
OK sdk.js Show response
prod.webpu.sh/TAhY1k6O1p1VGdOrLCCf0psfw2hXkTwR/ 101 KB
21 KB 247ms
121ms Script
text/javascript 18.202.159.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.webpu.sh/TAhY1k6O1p1VGdOrLCCf0psfw2hXkTwR/sdk.js
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.159.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-159-25.eu-west-1.compute.amazonaws.com
Software: openresty /
Resource Hash: 91aee799d8c5d42a3dce8da9f6cbaacab52039d332308edb4cede3dcdb9d57ce

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sat, 08 May 2021 17:26:05 GMT
Content-Encoding: gzip
Last-Modified: Thu, 16 Jul 2020 23:41:14 GMT
Server: openresty
x-amz-request-id: N85AZ0JAVWND9XJ9
ETag: W/"6f038e76cb340b614f265a30cbb5356e"
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=21600
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: 45tQPG7RAPk2A7ZXqWaonGSbNVknDR1SiZkb941Ko1/vQKCFdaEiRo3/QxAr4YmzHRicReL/VNY=

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=59037&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=59037&source=js_tag

125 B
454 B

54ms
54ms

Script
text/javascript

34.243.193.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=59037&source=js_tag
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.193.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-193-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c99178e77db2ec4d462dcb083b48cdb6a6cf5edf3cf251b7b931bc9ebba3521e

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 125
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=59037&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/build/f553f825/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3554
date: Sat, 08 May 2021 16:26:52 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Sat, 08 May 2021 18:26:52 GMT

OPTIONS
H2 200 /
api.foxwoods.blueboxengine.com/getfbappid/ Frame 0
0 437ms
170ms Preflight
application/json 54.242.87.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.foxwoods.blueboxengine.com/getfbappid/
Protocol: H2
Server: 54.242.87.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-242-87-51.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: gtp-app-id
Origin: https://online.foxwoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 08 May 2021 17:26:06 GMT
content-type: application/json
content-length: 0
server: Apache
access-control-allow-methods: *
access-control-allow-headers: Authentication, gtp-app-id, gtp-property-id
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://online.foxwoods.com
vary: Origin
access-control-allow-credentials: true

OPTIONS
H2 200 getssolinks
api.foxwoods.blueboxengine.com/ Frame 0
0 423ms
170ms Preflight
application/json 54.242.87.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.foxwoods.blueboxengine.com/getssolinks
Protocol: H2
Server: 54.242.87.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-242-87-51.compute-1.amazonaws.com
Software: Apache /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: gtp-app-id
Origin: https://online.foxwoods.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
content-type: application/json
content-length: 0
server: Apache
access-control-allow-methods: *
access-control-allow-headers: Authentication, gtp-app-id, gtp-property-id
cache-control: no-cache, must-revalidate
access-control-allow-origin: https://online.foxwoods.com
vary: Origin
access-control-allow-credentials: true

GET
H2 200 / Show response
api.foxwoods.blueboxengine.com/getfbappid/ 23 B
295 B 135ms
133ms XHR
application/json 54.242.87.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.foxwoods.blueboxengine.com/getfbappid/
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.0.773.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.242.87.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-242-87-51.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 80dd02df95e9ef2bbf2030c9f40d0ec39b26e78ea1064c600a64dc40a1143ff0

Request headers

gtp-app-id: 1
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: Apache
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://online.foxwoods.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Authentication, gtp-app-id, gtp-property-id
content-length: 23

GET
H2 200 getssolinks Show response
api.foxwoods.blueboxengine.com/ 291 B
564 B 135ms
134ms XHR
application/json 54.242.87.51
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://api.foxwoods.blueboxengine.com/getssolinks
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.0.773.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.242.87.51 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-242-87-51.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 4ef924deafa0eb2cc28cbd6bc9c84bc1df77d9961236faf0ef7847ac989c1e9a

Request headers

gtp-app-id: 1
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: Apache
vary: Origin
access-control-allow-methods: *
content-type: application/json
access-control-allow-origin: https://online.foxwoods.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Authentication, gtp-app-id, gtp-property-id
content-length: 291

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/build/f553f825/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23959
x-fb-rlafr: 0
pragma: public
x-fb-debug: dSnGgSKRxaeqmPxYQf7Yv06I6mGpIJa+Ck13DIxmVGuw+q2TwafG+3wfoqJ/nrSn6UKuEnaExVdcQZT0rc55mA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 08 May 2021 17:26:06 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29

200

activityi;dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26... Show response
10656469.fls.doubleclick.net/ Frame 2FE1
Redirect Chain

https://10656469.fls.doubleclick.net/activityi;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail...
https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fon...

601 B
469 B

151ms
112ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10656469

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

18b6ac4ec89ac2fa0cd7192a489f04e6d37d30ae747f3ae3c2cbafaa95d329ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10656469.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online.foxwoods.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 May 2021 17:26:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 444
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 08-May-2021 17:41:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 May 2021 17:26:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

activityi;dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%... Show response
10656469.fls.doubleclick.net/ Frame 8D91
Redirect Chain

https://10656469.fls.doubleclick.net/activityi;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fp...
https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fon...

611 B
475 B

151ms
111ms

Document
text/html

142.250.184.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=DC-10656469

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.184.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f6.1e100.net

Software

cafe /

Resource Hash

30d73182ab7719dfc8ac6402deb0a9c2ac377c9e3381733dfb9eb80b7fe68aec

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 10656469.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://online.foxwoods.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 May 2021 17:26:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 450
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 08-May-2021 17:41:07 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 May 2021 17:26:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 bg_lobby_169.jpg
online.foxwoods.com/app/images/backgrounds/ 241 KB
242 KB 88ms
87ms Image
image/jpeg 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.foxwoods.com/app/images/backgrounds/bg_lobby_169.jpg
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 4b8395f0d8397b82f149fed399433173895ac83e9b43af1ab89f425bd7fbc407

Request headers

:path: /app/images/backgrounds/bg_lobby_169.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 14:36:08 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 10198
x-cache: Hit from cloudfront
content-length: 247262
last-modified: Thu, 15 Oct 2020 21:05:42 GMT
server: nginx
etag: "5f88b9a6-3c5de"
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: UPJ_PI_KUqtjrEx9r-mGXxOHCgnhC446WC6O3Ym-UX-5T3rtiQrKPw==
access-control-allow-method: GET, POST

GET
H2 200 bg_lobby_169_small.jpg
online.foxwoods.com/app/images/backgrounds/ 18 KB
19 KB 87ms
87ms Image
image/jpeg 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.foxwoods.com/app/images/backgrounds/bg_lobby_169_small.jpg
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 42df2d7b04b8b9b5952bc06218d13783ea6627ddca9029cbc7695020b8d4a77e

Request headers

:path: /app/images/backgrounds/bg_lobby_169_small.jpg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 14:36:08 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 10198
x-cache: Hit from cloudfront
content-length: 18885
last-modified: Thu, 15 Oct 2020 21:05:42 GMT
server: nginx
etag: "5f88b9a6-49c5"
content-type: image/jpeg
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: cT61aZzdlL07wTssk5n6xHuFTPEJv-kzIB8I_SuTjx3_MH8gFa51-Q==
access-control-allow-method: GET, POST

GET
H2 200 registration_help_btn.png
online.foxwoods.com/app/images/general/ 25 KB
25 KB 87ms
86ms Image
image/png 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.foxwoods.com/app/images/general/registration_help_btn.png
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 63110e5bdbab93aee4f59ecbc0031067b8b91bfdcf6d4e2a3f564f260716fc57

Request headers

:path: /app/images/general/registration_help_btn.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 14:36:08 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 10198
x-cache: Hit from cloudfront
content-length: 25258
last-modified: Thu, 15 Oct 2020 21:03:27 GMT
server: nginx
etag: "5f88b91f-62aa"
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: s-dBaYDQJUz0lP8kfqQEjSlGMzIA3mkOJWegUzPwp3oHsyISyYOGBQ==
access-control-allow-method: GET, POST

GET
H2 200 btn_long_blue.png
online.foxwoods.com/app/images/general/ 2 KB
2 KB 161ms
160ms Image
image/png 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.foxwoods.com/app/images/general/btn_long_blue.png
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 04222971593b1bba36614e74758c58a18cee00b20a805c747118ed97948fe95c

Request headers

:path: /app/images/general/btn_long_blue.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 14:36:08 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 10198
x-cache: Hit from cloudfront
content-length: 1768
last-modified: Thu, 15 Oct 2020 21:03:27 GMT
server: nginx
etag: "5f88b91f-6e8"
content-type: image/png
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: N5YYal_ZguGsRnmtPrH6JjiodhBnciBn37WpgVDXvak29HBgRzTvOA==
access-control-allow-method: GET, POST

GET
H2 200 icon_facebook_c.svg
online.foxwoods.com/app/images/icons/ 581 B
1 KB 86ms
85ms Image
image/svg+xml 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://online.foxwoods.com/app/images/icons/icon_facebook_c.svg
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 0afb36e57fe08bae31b3971cea938d1fb85611fc82364cfbed9771281db76c96

Request headers

:path: /app/images/icons/icon_facebook_c.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://online.foxwoods.com/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 14:36:08 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 10198
x-cache: Hit from cloudfront
content-length: 581
last-modified: Thu, 15 Oct 2020 21:03:27 GMT
server: nginx
etag: "5f88b91f-245"
content-type: image/svg+xml
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: 6Ds2q7cLntrrEpyDpZZSMzvNX6PeYkoS7aBwUSL43E8HqCjTFha5Vg==
access-control-allow-method: GET, POST

GET
H2 206 sfx_ambientgamebackground.mp3
online.foxwoods.com/app/images/audio/ 1 MB
1 MB 1436ms
1435ms Media
audio/mpeg 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.foxwoods.com/app/images/audio/sfx_ambientgamebackground.mp3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash

Request headers

:path: /app/images/audio/sfx_ambientgamebackground.mp3
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: audio
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 08 May 2021 00:15:43 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 61824
x-cache: Hit from cloudfront
Content-Range: bytes 0-1166891/1166892
Content-Length: 1166892
last-modified: Thu, 15 Oct 2020 21:05:40 GMT
server: nginx
etag: "5f88b9a4-11ce2c"
content-type: audio/mpeg
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: qdUpwSEqbW4ZjxiB09LWbKK7Vy48pYM79hP9Vff408jEUZs0iMnwWg==
access-control-allow-method: GET, POST

GET
H2 206 mus_foxwoods_01.mp3
online.foxwoods.com/app/images/audio/Music/ 584 KB
585 KB 200ms
200ms Media
audio/mpeg 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.foxwoods.com/app/images/audio/Music/mus_foxwoods_01.mp3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 3ed4c02854a5bb4075bc2f841d859c356fb6c644185f41e9102faede26927ec1

Request headers

:path: /app/images/audio/Music/mus_foxwoods_01.mp3
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: audio
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 08 May 2021 00:48:50 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 59837
x-cache: Hit from cloudfront
Content-Range: bytes 0-598257/598258
Content-Length: 598258
last-modified: Thu, 15 Oct 2020 21:05:40 GMT
server: nginx
etag: "5f88b9a4-920f2"
content-type: audio/mpeg
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: zXRoHmTYmd4oQO0JADq0DoCGR1-GV8GYUuJcAcUV5-geckQblaHJiQ==
access-control-allow-method: GET, POST

GET
H2 206 mus_foxwoods_02.mp3
online.foxwoods.com/app/images/audio/Music/ 603 KB
604 KB 1148ms
1147ms Media
audio/mpeg 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.foxwoods.com/app/images/audio/Music/mus_foxwoods_02.mp3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: f44baedbf2bed8fd6922e4cf29fbe13f914a9259e233c52e46b4563472d38038

Request headers

:path: /app/images/audio/Music/mus_foxwoods_02.mp3
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: audio
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 08 May 2021 00:48:50 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 59837
x-cache: Hit from cloudfront
Content-Range: bytes 0-617065/617066
Content-Length: 617066
last-modified: Thu, 15 Oct 2020 21:05:40 GMT
server: nginx
etag: "5f88b9a4-96a6a"
content-type: audio/mpeg
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: LI6RZHL82ptEJFAER-a3Km5IghmTPG-xHck08GSVOMqgglXELPHVvg==
access-control-allow-method: GET, POST

GET
H2 206 mus_foxwoods_03.mp3
online.foxwoods.com/app/images/audio/Music/ 508 KB
510 KB 1059ms
1058ms Media
audio/mpeg 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.foxwoods.com/app/images/audio/Music/mus_foxwoods_03.mp3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 73286f6ba0c1e371d31e11e941058f1599eab94149bbbd5bc44b8ea4e9b49b58

Request headers

:path: /app/images/audio/Music/mus_foxwoods_03.mp3
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: audio
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 08 May 2021 00:48:50 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 59837
x-cache: Hit from cloudfront
Content-Range: bytes 0-520517/520518
Content-Length: 520518
last-modified: Thu, 15 Oct 2020 21:05:40 GMT
server: nginx
etag: "5f88b9a4-7f146"
content-type: audio/mpeg
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: K8PNWCxnj0XWezGsvcIulPvsy1vrEJOGa3zwn3M6C1TW2Qo6St7Elg==
access-control-allow-method: GET, POST

GET
H2 206 mus_foxwoods_04.mp3
online.foxwoods.com/app/images/audio/Music/ 489 KB
490 KB 200ms
199ms Media
audio/mpeg 13.225.78.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://online.foxwoods.com/app/images/audio/Music/mus_foxwoods_04.mp3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-124.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 4c894eaad7c9bd391c57f90bd1d11ffdb47a2b9f13d41b2721c469b90e817314

Request headers

:path: /app/images/audio/Music/mus_foxwoods_04.mp3
pragma: no-cache
accept-encoding: identity;q=1, *;q=0
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: audio
:authority: online.foxwoods.com
referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
:scheme: https
sec-fetch-site: same-origin
range: bytes=0-
:method: GET
Referer: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Sat, 08 May 2021 00:48:50 GMT
via: 1.1 182ef5a8d12abb5df1553676864737b1.cloudfront.net (CloudFront)
age: 59837
x-cache: Hit from cloudfront
Content-Range: bytes 0-501082/501083
Content-Length: 501083
last-modified: Thu, 15 Oct 2020 21:05:40 GMT
server: nginx
etag: "5f88b9a4-7a55b"
content-type: audio/mpeg
access-control-allow-origin: *
access-control-allow-credentials: true
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: Authorization, Origin, X-Requested-With, Content-Type, Accept
x-amz-cf-id: ZtPmGs-l34AVYXAlS4pEudS9Xzm2JhD78pPznyaUltRaqfICtWGHqQ==
access-control-allow-method: GET, POST

GET mus_foxwoods_05.mp3
online.foxwoods.com/app/images/audio/Music/ 0
0

GET mus_foxwoods_06.mp3
online.foxwoods.com/app/images/audio/Music/ 0
0

GET mus_foxwoods_07.mp3
online.foxwoods.com/app/images/audio/Music/ 0
0

GET mus_foxwoods_08.mp3
online.foxwoods.com/app/images/audio/Music/ 0
0

GET sfx_ambientgamebackground_os_01.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_02.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_03.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_04.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_05.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_06.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_07.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_08.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_09.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_10.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_11.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_12.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_13.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_14.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_15.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_16.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_17.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_18.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_19.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_20.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_21.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_22.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_23.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_ambientgamebackground_os_24.mp3
online.foxwoods.com/app/images/audio/Ambience/ 0
0

GET sfx_alert.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_bonus_collected.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_bonus_wheel_spin.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_gamestartupsting.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_levelup.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_mouse_click.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_mouseover_generic.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_quest_complete.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_ui_negative.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_ui_positive.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_ui_bottom_slidedown.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET sfx_ui_bottom_slideup.mp3
online.foxwoods.com/app/images/audio/ 0
0

GET
H2 200 lnh2jum.js Show response
use.typekit.net/ 21 KB
7 KB 189ms
125ms Script
text/javascript 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/lnh2jum.js

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/build/f553f825/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

d5160af4971c9afbeaef33e4aecec08e20374e5c6d791681c7c38733547689ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
server: nginx
date: Sat, 08 May 2021 17:26:07 GMT
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7260

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://pixel-geo.prfct.co/cs/?check_cookie=1&partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_b6itlNufK0YLnQOQD

43 B
585 B

270ms
149ms

Image
image/gif

104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_b6itlNufK0YLnQOQD

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Sat, 08 May 2021 17:26:07 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c20aad1998a4d66e6c7f81c3f315886bb4bd453093c8e62f0f79036a21eb7ede
x-transaction: 49edae332efedaf6
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_b6itlNufK0YLnQOQD
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

204

v1
ads.yahoo.com/cms/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://pixel-geo.prfct.co/cs/?check_cookie=1&partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_b6itlNufK0YLnQOQD&sigv=1&esig=2~f1bad8fbdc7b832130cdb530c3b21113f8806ffd

0
445 B

24ms
6ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_b6itlNufK0YLnQOQD&sigv=1&esig=2~f1bad8fbdc7b832130cdb530c3b21113f8806ffd

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_b6itlNufK0YLnQOQD&sigv=1&esig=2~f1bad8fbdc7b832130cdb530c3b21113f8806ffd
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://pixel-geo.prfct.co/cs/?check_cookie=1&partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_b6itlNufK0YLnQOQD
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_b6itlNufK0YLnQOQD

43 B
180 B

46ms
46ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_b6itlNufK0YLnQOQD
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 May 2021 17:26:07 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_b6itlNufK0YLnQOQD
date: Sat, 08 May 2021 17:26:07 GMT
via: 1.1 google
server: OXGW/16.206.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel-geo.prfct.co/cs/?check_cookie=1&partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_b6itlNufK0YLnQOQD

0
239 B

169ms
36ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_b6itlNufK0YLnQOQD
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_b6itlNufK0YLnQOQD
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfYjZpdGxOdWZLMFlMblFPUUQ
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

279ms
279ms

Image
image/gif

34.243.193.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.193.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-193-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 08 May 2021 17:26:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 163ms
142ms Image
image/gif 34.243.193.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=5002402&source=js_tag&a_id=59037
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.243.193.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-193-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=5002402
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D5002402

43 B
1 KB

32ms
32ms

Image
image/gif

37.252.173.22
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D5002402

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.22 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 08 May 2021 17:26:07 GMT
X-Proxy-Origin: 5.253.207.220; 5.253.207.220; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.51:80
AN-X-Request-Uuid: 4507614d-6931-4ec4-af82-6ea2020067c4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 08 May 2021 17:26:07 GMT
X-Proxy-Origin: 5.253.207.220; 5.253.207.220; 536.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.245:80
AN-X-Request-Uuid: 70e08504-a708-4872-92a0-2afcfb7785b8
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D5002402
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
212 B 13ms
13ms XHR
text/plain 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=643812143&t=pageview&_s=1&dl=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021&dp=%2F&ul=en-us&de=UTF-8&dt=FoxwoodsONLINE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=2020477077&gjid=113709490&cid=541893517.1620494767&tid=UA-74350215-1&_gid=297227166.1620494767&_r=1&_slc=1&z=55782169

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.0.773.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 May 2021 17:26:07 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://online.foxwoods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=643812143&t=pageview&_s=2&dl=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021&dp=%2Flanding%2F&ul=en-us&de=UTF-8&dt=FoxwoodsONLINE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=541893517.1620494767&tid=UA-74350215-1&_gid=297227166.1620494767&z=88679559

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 May 2021 07:52:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34445
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=643812143&t=event&_s=3&dl=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021&dp=%2Flanding%2F&ul=en-us&de=UTF-8&dt=FoxwoodsONLINE&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Landing%20Page&ea=view&_u=YEBAAEABAAAAAC~&jid=&gjid=&cid=541893517.1620494767&tid=UA-74350215-1&_gid=297227166.1620494767&z=488485647

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 08 May 2021 07:52:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 34445
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1555301151429437 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 74ms
73ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1555301151429437?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ba29fbf16e25ce1d2e6a8ad494b8549f75fc5c78a01d7b9b9dee6dbaa32b84c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: WT834q3Gxwo9cJ5+DMGEi7DaLNUFkX1qz8RRJnrhCvJhk+6eGvcdmOCFGsu+eo6wqT+EFziGjngON1XjhIDsPQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 08 May 2021 17:26:07 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
88 B 60ms
59ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-74350215-1&cid=541893517.1620494767&jid=2020477077&gjid=113709490&_gid=297227166.1620494767&_u=YEBAAEAAAAAAAC~&z=455669195

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.0.773.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 08 May 2021 17:26:07 GMT
content-type: text/plain
access-control-allow-origin: https://online.foxwoods.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26... Show response
adservice.google.com/ddm/fls/i/ Frame 3FEB 610 B
520 B 100ms
77ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021

Requested by

Host: 10656469.fls.doubleclick.net
URL: https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a51a6b607de4fb35661287b9d737c1f3fdeed79fb76cbc5043f3aabace58548c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10656469.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10656469.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 May 2021 17:26:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 450
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrike... Show response
adservice.google.com/ddm/fls/i/ Frame D831 600 B
917 B 98ms
77ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021

Requested by

Host: 10656469.fls.doubleclick.net
URL: https://10656469.fls.doubleclick.net/activityi;dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4c26a18bb5e0dee36c3ea81e8e3d4dedce4b0342797c680620920c4edf7cdb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.com
:scheme: https
:path: /ddm/fls/i/dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://10656469.fls.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://10656469.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 May 2021 17:26:07 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 444
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 l
use.typekit.net/af/53dec0/0000000000000000000100fe/27/ 19 KB
19 KB 152ms
91ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/53dec0/0000000000000000000100fe/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6f0fbb60ab4741f3dedef7f1f7f688932a79db9a7d0bc86f85308780cd2292b8

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "5a32dd1351457e6d73efccb3add35a1e0966698e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19160

GET
H2 200 l
use.typekit.net/af/ea0e14/000000000000000000010141/27/ 19 KB
19 KB 277ms
216ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/ea0e14/000000000000000000010141/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f282b1ffcfa7fc697c6f53fbecd9f68b60eecf1de3af18af5c1a60a43dfddab5

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "f78b63d201b96b2a9b57d78fdca7ce09115083f5"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19436

GET
H2 200 l
use.typekit.net/af/c225e2/000000000000000000011aff/27/ 19 KB
19 KB 194ms
134ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/c225e2/000000000000000000011aff/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6c6240f1ebbfb9bb9532ea32e54a99b604ff730bc95e11dd4d9285cb04159ad2

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "aac07d12e2650fd1a93de82aff4c98527ab9f303"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19024

GET
H2 200 l
use.typekit.net/af/696cdf/00000000000000000000ec0a/27/ 19 KB
19 KB 281ms
220ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/696cdf/00000000000000000000ec0a/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c164f0d892f752eb39cb4c3e0c62d142e9f74b5d0679dcaaf0fbe9a8d156bf02

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "f63d28783970a76d13e49578e2d09b1e96f0057e"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19612

GET
H2 200 l
use.typekit.net/af/d2f0db/000000000000000000012ea0/27/ 59 KB
59 KB 250ms
190ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/d2f0db/000000000000000000012ea0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6eb24e7ce85ea40d84fd513f30b228077d36a33d398d9e5cbafd72f6d21dd144

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "173487d0097e6499050c34d80f1833828d3b31da"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 60320

GET
H2 200 l
use.typekit.net/af/b46998/00000000000000000000f305/27/ 22 KB
22 KB 287ms
227ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b46998/00000000000000000000f305/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: f568b2aeb0f1c238932bddf7ddbfbf9a20599800423d5d02afe93ec9a940aede

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "78d826b223dd7406739ec1f92cc80bfb4783538c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22080

GET
H2 200 l
use.typekit.net/af/096cfd/00000000000000000000f306/27/ 22 KB
22 KB 278ms
219ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/096cfd/00000000000000000000f306/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 018725f514efb7dba1e14c49c42a391694ccdc926d70aaa30611b756139cfb82

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "5748d50a989b0acc05b3d71752e1a4edea2028f2"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22708

GET
H2 200 l
use.typekit.net/af/43bd88/0000000000000000000174af/27/ 21 KB
21 KB 277ms
218ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/43bd88/0000000000000000000174af/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 629ac97695f8ea8874cb4a3db49b40af194477bc1f468c9ec7d8388c7f23f88b

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "97297764de7a56b70aed865f9561ccc317cd78b1"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21068

GET
H2 200 l
use.typekit.net/af/3f500a/0000000000000000000174b2/27/ 20 KB
21 KB 87ms
27ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3f500a/0000000000000000000174b2/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e1cf93627a13d3f1d9a723b8e01d2804f446bee78fd457c7f4f73cc5b74ee867

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "d784a3a2bcfcc1a1fcc4b6ffaff914e15509e637"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20768

GET
H2 200 l
use.typekit.net/af/bace33/0000000000000000000174c0/27/ 22 KB
22 KB 78ms
19ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bace33/0000000000000000000174c0/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: b54bf8dde37db46dd9e9f7bcbf68005caa261803828c39c8c4d76c8687b64fc0

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "078bb5c059e32298afadbf4c6e63ead1881b92b9"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 22148

GET
H2 200 l
use.typekit.net/af/19a0e1/0000000000000000000174bf/27/ 21 KB
21 KB 25ms
22ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/19a0e1/0000000000000000000174bf/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: e525b3cc033b09f5c2015d1ea9736047ca9f02ea97b9dd6e38790ba2e4f09d8b

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "22b58636f30eb607f89d886a81d0f266b280887c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20992

GET
H2 200 l
use.typekit.net/af/370e50/0000000000000000000174c5/27/ 20 KB
21 KB 40ms
38ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/370e50/0000000000000000000174c5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i7&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 44c8a923ff51edd9b1ec6a893c6b9f17f56afb7cb1bfff0131575fe53ac92d78

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "02d2368dc42ab0da96343703be309aee68979ad4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20956

GET
H2 200 l
use.typekit.net/af/08db6f/0000000000000000000174c4/27/ 20 KB
20 KB 32ms
30ms Font
application/font-woff2 2a02:26f0:6c00::210:ba2a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/08db6f/0000000000000000000174c4/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba2a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: c5f75a13a5352e8370e13cafdb460949998e5a7c1f5b3776cff05ce8c1b65875

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
server: nginx
etag: "335035a0d07333011ce3ee3b2bf03b78f67c873d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20180

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/build/f553f825/bundle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

92017394ab239c00e330d51148f7e25cb5d9c9d90ef67bdccdb9aee3c6b727cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: 4PNDC+WtqdM3gF2CLmuCfQ==
cross-origin-resource-policy: cross-origin
expires: Sat, 08 May 2021 17:41:23 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 1779
x-fb-rlafr: 0
x-fb-debug: FVBDXcoqGolnQJhIe73snmEnzxlw0aiZ4NSNmeJo67V2kg/53VKbrlLU4u+Bv+VJGoJF1YjztazFdw5DLZwMgA==
x-fb-trip-id: 686109401
x-fb-content-md5: 7c81bf797576173a9bd6e688f681402f
date: Sat, 08 May 2021 17:26:07 GMT
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "50e4e98512973de4e4bbf0e4e333e15a"
timing-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5

GET
H2 200 dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrike... Show response
adservice.google.de/ddm/fls/i/ Frame 250B 194 B
242 B 86ms
63ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CPH8xbfNuvACFYc74AodUhgEeA;src=10656469;type=sitew0;cat=foxwo0;ord=1234465417093;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 May 2021 17:26:07 GMT
expires: Sat, 08 May 2021 17:26:07 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26... Show response
adservice.google.de/ddm/fls/i/ Frame 3EA7 194 B
877 B 80ms
63ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: adservice.google.de
:scheme: https
:path: /ddm/fls/i/dc_pre=CPH-xbfNuvACFVkk4AodHR4DJA;src=10656469;type=landi0;cat=foxwo0;ord=3429086253695;gtm=2od4s0;auiddc=1276559739.1620494765;~oref=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://adservice.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sat, 08 May 2021 17:26:07 GMT
expires: Sat, 08 May 2021 17:26:07 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p.gif
p.typekit.net/ 35 B
214 B 49ms
30ms Image
image/gif 2a02:26f0:6c00:28d::19fd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=lnh2jum&ht=tk&h=online.foxwoods.com&f=2028.2029.2032.2033.6778.9938.9939.17858.17861.24384.24385.24386.24387&a=2992736&js=1.20.0&app=typekit&e=js&_=1620494767548
Requested by: Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:28d::19fd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
last-modified: Wed, 02 Sep 2020 03:58:21 GMT
server: nginx
etag: "5f4f185d-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

GET
H3-29 200 sdk.js Show response
connect.facebook.net/en_US/ 213 KB
63 KB 10ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=174a3713dd79005d8e2cdef40a8ac8bb&ua=modern_es6

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66697c74a0561b534913519cbb3972a86717bfb7a0dcba15e07909d69931398e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Origin: https://online.foxwoods.com
Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: SDgYPZYyRuED+tcknQa99Q==
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 64497
x-fb-rlafr: 0
x-fb-debug: deS7YmKGqwGeiat9NOGuRq/W98nPGmLozJjGmwAhX27Ogc4hTi1kLYi+IRJBXsT5JGYn6nGgAT6jl5fSG8bBkA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 92c5725173c014f78f8ff1276b5f97bc
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sat, 08 May 2021 17:26:07 GMT
vary: Accept-Encoding
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "91f44ffcb63fc84b45f02b9779c72e43"
timing-allow-origin: *
priority: u=3,i
expires: Sun, 08 May 2022 15:24:38 GMT

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 79ms
77ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=630590740348311&input_token&origin=1&redirect_uri=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=174a3713dd79005d8e2cdef40a8ac8bb&ua=modern_es6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: TuSJvOT0HMxnnBEGgymr59RPVOc9bBED5UPpOkDjUsgLkgGoFMaH7AFrzxPZz8fauPbtG3J9ABTqGOFcdpKSDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 08 May 2021 17:26:07 GMT
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://online.foxwoods.com
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=630590740348311&ev=fb_page_view&dl=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021&rl=&if=false&ts=1620494767865&cd[_appVersion]=1.0.0&sw=1600&sh=1200&at=

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 08 May 2021 17:26:07 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
213 B 8ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=630590740348311&dl=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021&rl=&if=false&ts=1620494767866&cd[action]=view&cd[_appVersion]=1.0.0&sw=1600&sh=1200&at=

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 08 May 2021 17:26:07 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1555301151429437&ev=PageView&dl=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021&rl=&if=false&ts=1620494767919&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620494767917.2009467984&it=1620494767142&coo=false&exp=l1&rqm=GET

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:07 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 08 May 2021 17:26:07 GMT

GET
H3-29 200 /
www.facebook.com/tr/ 44 B
88 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1555301151429437&ev=Microdata&dl=https%3A%2F%2Fonline.foxwoods.com%2Flanding%2F%3Fpid%3Demail%26c%3Dstrikeitgold2021%26utm_source%3Dcyclical%26utm_medium%3Demail%26utm_campaign%3Dstrikeitgold2021&rl=&if=false&ts=1620494769424&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22FoxwoodsONLINE%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620494767917.2009467984&it=1620494767142&coo=false&es=automatic&tm=3&exp=l1&rqm=GET

Requested by

Host: online.foxwoods.com
URL: https://online.foxwoods.com/landing/?pid=email&c=strikeitgold2021&utm_source=cyclical&utm_medium=email&utm_campaign=strikeitgold2021

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 08 May 2021 17:26:09 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i
expires: Sat, 08 May 2021 17:26:09 GMT

GET
H2 200 adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js Show response
cdn.appdynamics.com/ 50 KB
20 KB 75ms
75ms Script
application/javascript 65.9.73.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.appdynamics.com/adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js
Requested by: Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum/adrum-4.5.0.773.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.73.51 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: af2c4b1a82033adc5b5270c573dc5b2e7a074ecb37bc342d58196f2d6ab07a90

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 19:59:03 GMT
content-encoding: gzip
age: 163627
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Mon, 14 May 2018 17:55:05 GMT
server: nginx/1.16.1
etag: W/"5af9cd79-c81b"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
via: 1.1 0186e9c41d0aebb13c1398b95b7f4757.cloudfront.net (CloudFront)
cache-control: public, max-age=2678400, s-max-age=14400
x-amz-cf-pop: AMS1-C1
timing-allow-origin: *
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
x-amz-cf-id: WQ7LunqKO04LFwYCnV5OZItmhWh9x1KNu5XtHzYvzwYf8SFvWBAXoA==

POST
H/1.1 200
OK adrum Show response
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAJ-AHF/ 0
1 KB 819ms
218ms XHR
text/html 44.237.170.186
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://col.eum-appdynamics.com/eumcollector/beacons/browser/v1/AD-AAB-AAJ-AHF/adrum

Requested by

Host: cdn.appdynamics.com
URL: https://cdn.appdynamics.com/adrum-ext.f1b9622831c5f758b69f8c4fafbe9659.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.237.170.186 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

envoy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://online.foxwoods.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type: text/plain

Response headers

pragma: no-cache
date: Sat, 08 May 2021 17:26:12 GMT
x-content-type-options: nosniff
server: envoy
vary: *
content-type: text/html
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, s-maxage=0
x-envoy-upstream-service-time: 0
Connection: keep-alive
access-control-allow-headers: origin, content-type, accept
Content-Length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Music/mus_foxwoods_05.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Music/mus_foxwoods_06.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Music/mus_foxwoods_07.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Music/mus_foxwoods_08.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_01.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_02.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_03.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_04.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_05.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_06.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_07.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_08.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_09.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_10.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_11.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_12.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_13.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_14.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_15.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_16.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_17.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_18.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_19.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_20.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_21.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_22.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_23.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/Ambience/sfx_ambientgamebackground_os_24.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_alert.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_bonus_collected.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_bonus_wheel_spin.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_gamestartupsting.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_levelup.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_mouse_click.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_mouseover_generic.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_quest_complete.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_ui_negative.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_ui_positive.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_ui_bottom_slidedown.mp3

Domain: online.foxwoods.com
URL: https://online.foxwoods.com/app/images/audio/sfx_ui_bottom_slideup.mp3

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-20 03:29:50	Name: IDE Value: AHWqTUmIAXWMWtK8Vc8o5yFHOu-gjtP861ofckYWCVuwFj6SjLrM1aKZgIuiHILp_Xg
.foxwoods.com/	1970-01-19 20:17:50	Name: _fbp Value: fb.1.1620494767917.2009467984
.foxwoods.com/	1970-01-19 18:08:14	Name: _gat Value: 1
.foxwoods.com/	1970-01-19 18:09:41	Name: _gid Value: GA1.2.297227166.1620494767
.foxwoods.com/	1970-01-20 11:39:26	Name: _ga Value: GA1.2.541893517.1620494767

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: https://online.foxwoods.com/build/f553f825/bundle.js(Line 146) Message: %cDownload the React DevTools for a better development experience: https://fb.me/react-devtools font-weight:bold
console-api	warning	URL: https://online.foxwoods.com/build/f553f825/bundle.js(Line 53) Message: %cUnhandled rejection TypeError: Cannot read property 'getItem' of null at Object.<anonymous> (https://online.foxwoods.com/build/f553f825/bundle.js:1:81773) at a (https://online.foxwoods.com/build/f553f825/bundle.js:68:47932) at Generator._invoke (https://online.foxwoods.com/build/f553f825/bundle.js:68:48977) at Generator.e.<computed> [as next] (https://online.foxwoods.com/build/f553f825/bundle.js:68:48111) at a (https://online.foxwoods.com/build/f553f825/bundle.js:24:124699) at https://online.foxwoods.com/build/f553f825/bundle.js:24:124847 at o.t._execute (https://online.foxwoods.com/build/f553f825/bundle.js:53:19166) at o._resolveFromExecutor (https://online.foxwoods.com/build/f553f825/bundle.js:53:45781) at new o (https://online.foxwoods.com/build/f553f825/bundle.js:53:38007) at https://online.foxwoods.com/build/f553f825/bundle.js:24:124641 at Object.assignUserUUID (https://online.foxwoods.com/build/f553f825/bundle.js:1:82053) at Object.<anonymous> (https://online.foxwoods.com/build/f553f825/bundle.js:1:84039) at a (https://online.foxwoods.com/build/f553f825/bundle.js:68:47932) at Generator._invoke (https://online.foxwoods.com/build/f553f825/bundle.js:68:48977) at Generator.e.<computed> [as next] (https://online.foxwoods.com/build/f553f825/bundle.js:68:48111) at a (https://online.foxwoods.com/build/f553f825/bundle.js:24:124699) at https://online.foxwoods.com/build/f553f825/bundle.js:24:124847 at o.t._execute (https://online.foxwoods.com/build/f553f825/bundle.js:53:19166) at o._resolveFromExecutor (https://online.foxwoods.com/build/f553f825/bundle.js:53:45781) From previous event: at o.h [as _captureStackTrace] (https://online.foxwoods.com/build/f553f825/bundle.js:53:10250) at o._resolveFromExecutor (https://online.foxwoods.com/build/f553f825/bundle.js:53:45724) at new o (https://online.foxwoods.com/build/f553f825/bundle.js:53:38007) at t.<anonymous> (https://online.foxwoods.com/build/f553f825/bundle.js:24:124641) at t.e (https://online.foxwoods.com/build/f553f825/bundle.js:162:4626) at t.value (https://online.foxwoods.com/build/f553f825/bundle.js:162:5069) at fl (https://online.foxwoods.com/build/f553f825/bundle.js:146:109337) at zl (https://online.foxwoods.com/build/f553f825/bundle.js:146:120895) at HTMLUnknownElement.c (https://online.foxwoods.com/build/f553f825/bundle.js:146:140190) at Object.ic (https://online.foxwoods.com/build/f553f825/bundle.js:146:141152) at a (https://online.foxwoods.com/build/f553f825/bundle.js:133:438) at Ul (https://online.foxwoods.com/build/f553f825/bundle.js:146:122645) at https://online.foxwoods.com/build/f553f825/bundle.js:146:134148 at Object.i [as unstable_runWithPriority] (https://online.foxwoods.com/build/f553f825/bundle.js:125:1188) at Pu (https://online.foxwoods.com/build/f553f825/bundle.js:146:134082) at Eu (https://online.foxwoods.com/build/f553f825/bundle.js:146:133856) at Au (https://online.foxwoods.com/build/f553f825/bundle.js:146:132914) at _u (https://online.foxwoods.com/build/f553f825/bundle.js:146:132726) at bu (https://online.foxwoods.com/build/f553f825/bundle.js:146:131641) at iu (https://online.foxwoods.com/build/f553f825/bundle.js:146:130353) at Nu (https://online.foxwoods.com/build/f553f825/bundle.js:146:135632) at Fu (https://online.foxwoods.com/build/f553f825/bundle.js:146:135894) at ju (https://online.foxwoods.com/build/f553f825/bundle.js:146:136863) at Qu.render (https://online.foxwoods.com/build/f553f825/bundle.js:146:213692) at https://online.foxwoods.com/build/f553f825/bundle.js:146:138867 at Su (https://online.foxwoods.com/build/f553f825/bundle.js:146:134476) at Ju (https://online.foxwoods.com/build/f553f825/bundle.js:146:138800) at Object.render (https://online.foxwoods.com/build/f553f825/bundle.js:146:215629) at Object.<anonymous> (https://online.foxwoods.com/build/f553f825/bundle.js:101:2138) at Object.<anonymous> (https://online.foxwoods.com/build/f553f825/bundle.js:101:3447) at n (https://online.foxwoods.com/build/f553f825/bundle.js:1:101) at Object.<anonymous> (https://online.foxwoods.com/build/f553f825/bundle.js:80:286317) at Object.<anonymous> (https://online.foxwoods.com/build/f553f825/bundle.js:80:286326) at n (https://online.foxwoods.com/build/f553f825/bundle.js:1:101) at Object.<anonymous> (https://online.foxwoods.com/build/f553f825/bundle.js:80:285506) at n (https://online.foxwoods.com/build/f553f825/bundle.js:1:101) at https://online.foxwoods.com/build/f553f825/bundle.js:1:451 at https://online.foxwoods.com/build/f553f825/bundle.js:1:462 color: red

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10656469.fls.doubleclick.net
ads.yahoo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
analytics.twitter.com
api.foxwoods.blueboxengine.com
cdn.appdynamics.com
cm.g.doubleclick.net
code.createjs.com
code.jquery.com
col.eum-appdynamics.com
connect.facebook.net
fonts.googleapis.com
foxwoods.onelink.me
online.foxwoods.com
p.typekit.net
pixel-geo.prfct.co
pixel.rubiconproject.com
prod.webpu.sh
secure.adnxs.com
stats.g.doubleclick.net
tag.marinsm.com
us-u.openx.net
use.typekit.net
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
online.foxwoods.com
104.244.42.3
13.225.78.124
142.250.184.230
142.250.186.66
151.101.112.65
18.202.159.25
2.16.107.153
2001:4de0:ac18::1:a:1b
2a00:1288:80:800::7001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:80f::200a
2a00:1450:4001:827::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82f::200a
2a00:1450:400c:c04::9b
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00::210:ba1a
2a02:26f0:6c00::210:ba2a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.243.193.207
34.98.64.218
37.252.173.22
44.237.170.186
54.242.87.51
65.9.73.51
69.173.144.138
018725f514efb7dba1e14c49c42a391694ccdc926d70aaa30611b756139cfb82
04222971593b1bba36614e74758c58a18cee00b20a805c747118ed97948fe95c
042f24e48ddd16307381cb6fd454704e23e9072d4b12364f06b121b3b3b9d58c
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0afb36e57fe08bae31b3971cea938d1fb85611fc82364cfbed9771281db76c96
0ba29fbf16e25ce1d2e6a8ad494b8549f75fc5c78a01d7b9b9dee6dbaa32b84c
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1333f49019d3a62a3294b31e24adde92d2f7cee3374ac78744cd682f5200574b
14a806b8e455dcc19500055370d9972233470b28bd0cd5c81ece4bd115267faa
18b6ac4ec89ac2fa0cd7192a489f04e6d37d30ae747f3ae3c2cbafaa95d329ef
1aa44450b546a769cc22d669bb91a5b40a3095a7b4f8e4bef8ee56a0536cb58f
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
30d73182ab7719dfc8ac6402deb0a9c2ac377c9e3381733dfb9eb80b7fe68aec
3d020254e1f6b6e7306ee1fa0f0debd31b1d574fdb1df47145eec2e605f47d46
3ed4c02854a5bb4075bc2f841d859c356fb6c644185f41e9102faede26927ec1
42df2d7b04b8b9b5952bc06218d13783ea6627ddca9029cbc7695020b8d4a77e
4375ddc74918a4af9f36da38da0e683d8984135d82df39424cd974bc496d8791
44c8a923ff51edd9b1ec6a893c6b9f17f56afb7cb1bfff0131575fe53ac92d78
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b8395f0d8397b82f149fed399433173895ac83e9b43af1ab89f425bd7fbc407
4c894eaad7c9bd391c57f90bd1d11ffdb47a2b9f13d41b2721c469b90e817314
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef924deafa0eb2cc28cbd6bc9c84bc1df77d9961236faf0ef7847ac989c1e9a
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
586341b2e23993a5c8d45db157b5e2d287121303d207cddf4139a0e06c3b866d
629ac97695f8ea8874cb4a3db49b40af194477bc1f468c9ec7d8388c7f23f88b
63110e5bdbab93aee4f59ecbc0031067b8b91bfdcf6d4e2a3f564f260716fc57
66697c74a0561b534913519cbb3972a86717bfb7a0dcba15e07909d69931398e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c6240f1ebbfb9bb9532ea32e54a99b604ff730bc95e11dd4d9285cb04159ad2
6eb24e7ce85ea40d84fd513f30b228077d36a33d398d9e5cbafd72f6d21dd144
6f0fbb60ab4741f3dedef7f1f7f688932a79db9a7d0bc86f85308780cd2292b8
7145d40f877f4b1a24bbba198452e40a8b93eca5aa3ee897066d3eaf5fcf92bc
73286f6ba0c1e371d31e11e941058f1599eab94149bbbd5bc44b8ea4e9b49b58
7826903e63223938df197d806488071207cc1711ce998ee3095670ebfa96eee5
7f8e420a4ac3ea7f6fd081ce07234101414d27df260a6d547663f8e0c0efbaf4
80dd02df95e9ef2bbf2030c9f40d0ec39b26e78ea1064c600a64dc40a1143ff0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8a102873a33f24f7eb22221e6b23c4f718e29f85168ecc769a35bfaed9b12cce
91aee799d8c5d42a3dce8da9f6cbaacab52039d332308edb4cede3dcdb9d57ce
92017394ab239c00e330d51148f7e25cb5d9c9d90ef67bdccdb9aee3c6b727cd
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05
a51a6b607de4fb35661287b9d737c1f3fdeed79fb76cbc5043f3aabace58548c
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af2c4b1a82033adc5b5270c573dc5b2e7a074ecb37bc342d58196f2d6ab07a90
b4c26a18bb5e0dee36c3ea81e8e3d4dedce4b0342797c680620920c4edf7cdb2
b54bf8dde37db46dd9e9f7bcbf68005caa261803828c39c8c4d76c8687b64fc0
c164f0d892f752eb39cb4c3e0c62d142e9f74b5d0679dcaaf0fbe9a8d156bf02
c5f75a13a5352e8370e13cafdb460949998e5a7c1f5b3776cff05ce8c1b65875
c99178e77db2ec4d462dcb083b48cdb6a6cf5edf3cf251b7b931bc9ebba3521e
d5160af4971c9afbeaef33e4aecec08e20374e5c6d791681c7c38733547689ba
da010baefe5a824ca7f3c77f6a1c13dc57e10031008c55fdaeae8a9292d812b4
e1cf93627a13d3f1d9a723b8e01d2804f446bee78fd457c7f4f73cc5b74ee867
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e525b3cc033b09f5c2015d1ea9736047ca9f02ea97b9dd6e38790ba2e4f09d8b
f282b1ffcfa7fc697c6f53fbecd9f68b60eecf1de3af18af5c1a60a43dfddab5
f44baedbf2bed8fd6922e4cf29fbe13f914a9259e233c52e46b4563472d38038
f568b2aeb0f1c238932bddf7ddbfbf9a20599800423d5d02afe93ec9a940aede

online.foxwoods.com Open in urlscan Pro 13.225.78.124 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

113 Requests

65 %HTTPS

50 %IPv6

24 Domains

28 Subdomains

27 IPs

6 Countries

5437 kBTransfer

9694 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

113 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

online.foxwoods.com Open in urlscan Pro
13.225.78.124 Public Scan

Screenshot
Live screenshot

Full Image

113
Requests

65 %
HTTPS

50 %
IPv6

24
Domains

28
Subdomains

27
IPs

6
Countries

5437 kB
Transfer

9694 kB
Size

5
Cookies

113 HTTP transactions
0 data transactions