www.turningstone.com Open in urlscan Pro
52.4.31.208 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t1.on-enterprises.com/r/?id=h1507691,1c2d9cc,1c2d9dc&utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_...
Effective URL:
https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_...
Submission: On December 31 via api (December 31st 2021, 7:02:28 pm UTC) from US — Scanned from DE

Summary HTTP 178 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 64 IPs in 7 countries across 56 domains to perform 178 HTTP transactions. The main IP is 52.4.31.208, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.turningstone.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on April 21st 2021. Valid for: a year.

This is the only time www.turningstone.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	52.37.240.167 52.37.240.167	16509 (AMAZON-02) (AMAZON-02)
50	52.4.31.208 52.4.31.208	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:401... 2a00:1450:4019:805::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:1634	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	204.194.222.24 204.194.222.24	11810 (AWEBER-SY...) (AWEBER-SYSTEMS)
1 4	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
1 2	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
3 7	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	54.237.133.81 54.237.133.81	14618 (AMAZON-AES) (AMAZON-AES)
1	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
3 7	142.250.184.198 142.250.184.198	15169 (GOOGLE) (GOOGLE)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
17 23	169.50.137.182 169.50.137.182	36351 (SOFTLAYER) (SOFTLAYER)
1 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:612... 2600:1f18:612b:4200:ee57:5bc8:4ac0:7a5	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	18.170.15.31 18.170.15.31	16509 (AMAZON-02) (AMAZON-02)
1 1	3.122.111.84 3.122.111.84	16509 (AMAZON-02) (AMAZON-02)
1	13.225.73.121 13.225.73.121	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
6 6	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 2	18.198.69.109 18.198.69.109	16509 (AMAZON-02) (AMAZON-02)
1	52.22.84.205 52.22.84.205	14618 (AMAZON-AES) (AMAZON-AES)
1 3	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1 3	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
2	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1 3	23.213.161.73 23.213.161.73	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	143.204.94.161 143.204.94.161	16509 (AMAZON-02) (AMAZON-02)
4	66.155.71.149 66.155.71.149	13768 (COGECO-PEER1) (COGECO-PEER1)
1	69.16.175.10 69.16.175.10	20446 (HIGHWINDS3) (HIGHWINDS3)
1	178.79.242.181 178.79.242.181	22822 (LLNW) (LLNW)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:215... 2600:9000:2156:5000:1:76cf:fe80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:6c0... 2a02:26f0:6c00::210:ba0a	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a02:26f0:fb:... 2a02:26f0:fb:5aa::1931	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
6	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3 3	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2 6	198.8.71.128 198.8.71.128	54312 (ROCKETFUEL) (ROCKETFUEL)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	18.198.146.150 18.198.146.150	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
1 8	2.21.141.169 2.21.141.169	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	34.248.159.172 34.248.159.172	16509 (AMAZON-02) (AMAZON-02)
1	3.127.178.105 3.127.178.105	16509 (AMAZON-02) (AMAZON-02)
1	184.87.212.24 184.87.212.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	143.204.98.33 143.204.98.33	16509 (AMAZON-02) (AMAZON-02)
1	3.229.229.140 3.229.229.140	14618 (AMAZON-AES) (AMAZON-AES)
1 2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.249.77.25 34.249.77.25	16509 (AMAZON-02) (AMAZON-02)
1 2	18.198.121.250 18.198.121.250	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
178	64

1 52.37.240.167 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-240-167.us-west-2.compute.amazonaws.com

t1.on-enterprises.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 52.4.31.208 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-4-31-208.compute-1.amazonaws.com

www.turningstone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4019:805::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:1634 (United States)

ASN13335 (CLOUDFLARENET, US)

pro.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 204.194.222.24 (United States)

ASN11810 (AWEBER-SYSTEMS, US)
PTR: analytics.aweber.com

analytics.aweber.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.27 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.208.103.128 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.237.133.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-133-81.compute-1.amazonaws.com

www.bugherd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.184.198 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f6.1e100.net

8121658.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2196496.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
10448040.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 169.50.137.182 (United States) 17 redirects

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:612b:4200:ee57:5bc8:4ac0:7a5 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.170.15.31 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-170-15-31.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.122.111.84 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-111-84.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.73.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-73-121.fra2.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.69.109 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.84.205 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-84-205.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.66 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.172.249 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.213.161.73 (Frankfurt am Main, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-213-161-73.deploy.static.akamaitechnologies.com

secure-ds.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.94.161 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-94-161.fra50.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.16.175.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: hwcdn.net

cdn.bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.79.242.181 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-181.fra.llnw.net

cdn01.basis.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:5000:1:76cf:fe80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00::210:ba0a (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:fb:5aa::1931 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:21::14 (United States) 3 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 198.8.71.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20828751p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.146.150 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-146-150.eu-central-1.compute.amazonaws.com

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.21.141.169 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-169.deploy.static.akamaitechnologies.com

ct.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.pinterest.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.248.159.172 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-159-172.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.127.178.105 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.87.212.24 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-212-24.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.33 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-33.fra50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.229.229.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-229-229-140.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.249.77.25 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-77-25.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.121.250 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-121-250.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.49 (United States) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	turningstone.com www.turningstone.com	7 MB
26	simpli.fi 17 redirects i.simpli.fi um.simpli.fi	18 KB
17	doubleclick.net 10 redirects pubads.g.doubleclick.net 8121658.fls.doubleclick.net 2196496.fls.doubleclick.net cm.g.doubleclick.net googleads.g.doubleclick.net 10448040.fls.doubleclick.net stats.g.doubleclick.net	7 KB
7	bttrack.com cdn.bttrack.com bttrack.com	7 KB
7	crwdcntrl.net 3 redirects bcp.crwdcntrl.net	3 KB
7	google.com 1 redirects www.google.com adservice.google.com	2 KB
6	rfihub.com 2 redirects 20828751p.rfihub.com a.rfihub.com p.rfihub.com	9 KB
5	serving-sys.com 1 redirects secure-ds.serving-sys.com bs.serving-sys.com	21 KB
5	google.de www.google.de adservice.google.de	2 KB
5	googleapis.com fonts.googleapis.com maps.googleapis.com	170 KB
4	pinterest.de www.pinterest.de	15 KB
4	pinterest.com 1 redirects ct.pinterest.com www.pinterest.com	2 KB
4	facebook.com www.facebook.com	575 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	sitescout.com pixel.sitescout.com	458 B
4	google-analytics.com www.google-analytics.com	55 KB
4	rlcdn.com 1 redirects idsync.rlcdn.com	1 KB
4	adnxs.com 1 redirects secure.adnxs.com ib.adnxs.com	4 KB
3	facebook.net connect.facebook.net	200 KB
3	adsrvr.org js.adsrvr.org insight.adsrvr.org	5 KB
3	spotxchange.com 1 redirects sync.search.spotxchange.com	2 KB
3	pro-market.net 2 redirects fei.pro-market.net pbid.pro-market.net	1 KB
3	agkn.com 2 redirects aa.agkn.com d.agkn.com	1 KB
3	twitter.com platform.twitter.com syndication.twitter.com	133 KB
3	gstatic.com fonts.gstatic.com www.gstatic.com	228 KB
3	googletagmanager.com www.googletagmanager.com	167 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	608 B
2	bidswitch.net 1 redirects x.bidswitch.net	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	pinimg.com s.pinimg.com	19 KB
2	rubiconproject.com pixel.rubiconproject.com	478 B
2	googleadservices.com 1 redirects www.googleadservices.com	15 KB
2	bluekai.com 1 redirects stags.bluekai.com	1 KB
2	exelator.com 1 redirects loadm.exelator.com	2 KB
2	tapad.com 1 redirects pixel.tapad.com	887 B
2	tremorhub.com simplifi.partners.tremorhub.com partners.tremorhub.com	365 B
2	3lift.com 1 redirects eb2.3lift.com	726 B
2	fontawesome.com pro.fontawesome.com	137 KB
2	cloudflare.com cdnjs.cloudflare.com	82 KB
1	krxd.net beacon.krxd.net	338 B
1	addthis.com x.dlx.addthis.com	191 B
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	791 B
1	media.net contextual.media.net	614 B
1	eyeota.net ps.eyeota.net	344 B
1	licdn.com snap.licdn.com	2 KB
1	rfihub.net c1.rfihub.net	6 KB
1	basis.net cdn01.basis.net	1 KB
1	openx.net us-u.openx.net	274 B
1	lijit.com ce.lijit.com	348 B
1	bfmio.com sync.bfmio.com	421 B
1	intentiq.com sync.intentiq.com
1	bugherd.com www.bugherd.com	724 B
1	aweber.com analytics.aweber.com	3 KB
1	on-enterprises.com 1 redirects t1.on-enterprises.com	469 B
178	56

	Domain	Requested by
50	www.turningstone.com	www.turningstone.com
23	um.simpli.fi	17 redirects www.turningstone.com
7	bcp.crwdcntrl.net	3 redirects www.turningstone.com
6	bttrack.com	www.turningstone.com cdn.bttrack.com bttrack.com
6	cm.g.doubleclick.net	6 redirects
4	www.pinterest.de	s.pinimg.com www.turningstone.com
4	p.rfihub.com	2 redirects
4	www.facebook.com	www.turningstone.com
4	pixel.sitescout.com	www.turningstone.com
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	idsync.rlcdn.com	1 redirects www.turningstone.com
4	www.google.com	1 redirects www.turningstone.com
4	maps.googleapis.com	www.turningstone.com maps.googleapis.com
3	ct.pinterest.com	s.pinimg.com www.turningstone.com
3	adservice.google.com	2196496.fls.doubleclick.net 8121658.fls.doubleclick.net 10448040.fls.doubleclick.net
3	connect.facebook.net	www.turningstone.com connect.facebook.net
3	secure-ds.serving-sys.com	1 redirects www.googletagmanager.com www.turningstone.com
3	10448040.fls.doubleclick.net	1 redirects www.googletagmanager.com www.turningstone.com
3	sync.search.spotxchange.com	1 redirects www.turningstone.com
3	www.google.de	www.turningstone.com
3	www.googletagmanager.com	www.turningstone.com www.googletagmanager.com
3	i.simpli.fi	www.turningstone.com i.simpli.fi
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	dpm.demdex.net	1 redirects
2	bs.serving-sys.com	secure-ds.serving-sys.com www.turningstone.com
2	adservice.google.de	adservice.google.com
2	px.ads.linkedin.com	2 redirects
2	insight.adsrvr.org	www.turningstone.com js.adsrvr.org
2	s.pinimg.com	www.turningstone.com s.pinimg.com
2	pixel.rubiconproject.com	www.turningstone.com
2	ib.adnxs.com	www.turningstone.com
2	googleads.g.doubleclick.net	1 redirects www.googleadservices.com
2	www.googleadservices.com	1 redirects www.googletagmanager.com
2	stags.bluekai.com	1 redirects www.turningstone.com
2	loadm.exelator.com	1 redirects www.turningstone.com
2	fei.pro-market.net	2 redirects
2	aa.agkn.com	1 redirects www.turningstone.com
2	pixel.tapad.com	1 redirects www.turningstone.com
2	eb2.3lift.com	1 redirects www.turningstone.com
2	platform.twitter.com	www.turningstone.com platform.twitter.com
2	2196496.fls.doubleclick.net	1 redirects www.turningstone.com
2	8121658.fls.doubleclick.net	1 redirects www.turningstone.com
2	fonts.gstatic.com	fonts.googleapis.com
2	secure.adnxs.com	1 redirects www.turningstone.com
2	pro.fontawesome.com	www.turningstone.com pro.fontawesome.com
2	cdnjs.cloudflare.com	www.turningstone.com cdnjs.cloudflare.com
1	www.pinterest.com	1 redirects
1	beacon.krxd.net	www.turningstone.com
1	partners.tremorhub.com	www.turningstone.com
1	x.dlx.addthis.com	www.turningstone.com
1	bpi.rtactivate.com	www.turningstone.com
1	live.rezync.com	1 redirects
1	contextual.media.net	www.turningstone.com
1	ps.eyeota.net
1	a.rfihub.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	20828751p.rfihub.com	c1.rfihub.net
1	px4.ads.linkedin.com	www.turningstone.com
1	www.linkedin.com	1 redirects
1	syndication.twitter.com	platform.twitter.com
1	snap.licdn.com	www.turningstone.com
1	c1.rfihub.net	www.turningstone.com
1	cdn01.basis.net	www.googletagmanager.com
1	cdn.bttrack.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	us-u.openx.net	www.turningstone.com
1	ce.lijit.com	www.turningstone.com
1	sync.bfmio.com	www.turningstone.com
1	pbid.pro-market.net	www.turningstone.com
1	sync.intentiq.com	www.turningstone.com
1	d.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com	www.turningstone.com
1	pubads.g.doubleclick.net	www.turningstone.com
1	www.bugherd.com	www.turningstone.com
1	www.gstatic.com	www.google.com
1	analytics.aweber.com	www.turningstone.com
1	fonts.googleapis.com	www.turningstone.com
1	t1.on-enterprises.com	1 redirects
178	80

This site contains links to these domains. Also see Links.

Domain
play.turningstone.com
www.myturningstone.com
www.nccreports.com
oneidaindiannationoutfitters.com
connect.socialtables.com
www.facebook.com
www.instagram.com
twitter.com
goo.gl
instagram.com
apps.apple.com
play.google.com
www.oneidaindiannation.com
www.onenterprises.com
www.google.com
www.ncrg.org

Subject Issuer	Validity	Valid
*.turningstone.com Sectigo RSA Domain Validation Secure Server CA	`2021-04-21` - `2022-04-21`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2021-12-01` - `2023-01-01`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.aweber.com GeoTrust RSA CA 2018	`2021-01-29` - `2022-03-01`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.bugherd.com R3	`2021-11-16` - `2022-02-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-20` - `2022-10-19`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
secure-ds.serving-sys.com DigiCert SHA2 Secure Server CA	`2021-04-28` - `2022-05-03`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-29` - `2022-03-29`	a year	crt.sh
cdn01.basis.net GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-06-14` - `2022-06-14`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-10` - `2022-01-08`	3 months	crt.sh
*.rfihub.net Amazon	`2021-12-29` - `2023-01-27`	a year	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-07-15` - `2022-07-20`	a year	crt.sh
*.pinterest.com DigiCert TLS RSA SHA256 2020 CA1	`2021-07-26` - `2022-08-05`	a year	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
bs.serving-sys.com Amazon	`2021-05-10` - `2022-06-08`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
rtactivate.com Amazon	`2021-05-13` - `2022-06-11`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-11-24` - `2022-04-26`	5 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2021-04-08` - `2022-05-09`	a year	crt.sh
*.tremorhub.com Amazon	`2021-06-27` - `2022-07-26`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Frame ID: A623B9A7B17B0DE2CEEBB05EC93471C0
Requests: 141 HTTP requests in this frame

Frame: https://8121658.fls.doubleclick.net/activityi;dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257
Frame ID: 3D66F308F72E3AB513D2778066477ACF
Requests: 1 HTTP requests in this frame

Frame: https://2196496.fls.doubleclick.net/activityi;dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365
Frame ID: 987AAAA678DBC9FF8D7E70FB7D708F40
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.turningstone.com
Frame ID: 6BC05AD18200F79F9713726A8C041215
Requests: 2 HTTP requests in this frame

Frame: https://10448040.fls.doubleclick.net/activityi;dc_pre=CMyVzPjcjvUCFc04Gwod3okHzw;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962
Frame ID: 92B3FC96E72C41A8F58B33AA440DAD51
Requests: 2 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 1E02589F7972BB236E608D3651D71797
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365;~oref=https://www.turningstone.com/
Frame ID: 016BD82EDA4CF71C45C4FFB83BC32B1E
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257;~oref=https://www.turningstone.com/
Frame ID: CA81449F78403FA380EC5D0D0E75A58C
Requests: 1 HTTP requests in this frame

Frame: https://20828751p.rfihub.com/ca.html?ver=9&rb=41331&ca=20828751&_o=41331&_t=20828751&pe=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&pf=&ra=5968782398571915
Frame ID: 8A62B94F8D5EC8DFC7CE5BBB806AB9B2
Requests: 20 HTTP requests in this frame

Frame: https://pixel.sitescout.com/dmp/asyncPixelSync
Frame ID: 0A8B52BE07A51F8F2A65527BFA64DCCE
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257;~oref=https://www.turningstone.com/
Frame ID: C9613B0B9EEC8D9F4B0C73B22E655E87
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365;~oref=https://www.turningstone.com/
Frame ID: 6279DA672A402CFEBEF68E9CA8087E1F
Requests: 1 HTTP requests in this frame

Frame: https://www.pinterest.de/ct.html
Frame ID: 937F2FED96941B4064AB317D25EDCD5A
Requests: 4 HTTP requests in this frame

Frame: https://insight.adsrvr.org/track/up?adv=ouju4wr&ref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&upid=lyhltmw&upv=1.1.0
Frame ID: 38BB4D54A5F3FD496EA53EFD38E5C679
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Slots | Turning Stone Resort Casino

Page URL History Show full URLs

https://t1.on-enterprises.com/r/?id=h1507691,1c2d9cc,1c2d9dc&utm_source=ADOBE&utm_medium=email&amp... HTTP 302
https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_G... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

<(?:iframe|img)[^>]+adnxs\.(?:net|com)
adnxs\.(?:net|com)

Aweber (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

\.aweber\.com/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Sizmek (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

serving-sys\.com/

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

178
Requests

82 %
HTTPS

33 %
IPv6

56
Domains

80
Subdomains

64
IPs

7
Countries

8343 kB
Transfer

11636 kB
Size

70
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://play.turningstone.com/
Title: Turning stone online casino

Search URL Search Domain Scan URL

URL: https://www.myturningstone.com/
Title: DOWNLOAD YOUR 2020 WIN/LOSS STATEMENT

Search URL Search Domain Scan URL

URL: https://www.myturningstone.com/?ts=login
Title: Login to TS Rewards

Search URL Search Domain Scan URL

URL: https://www.nccreports.com/application/?turningstone
Title: Casino Credit

Search URL Search Domain Scan URL

URL: http://oneidaindiannationoutfitters.com/preserve?utm_source=TS-WEBSITE&utm_medium=website-link
Title: The Preserve

Search URL Search Domain Scan URL

URL: http://oneidaindiannationoutfitters.com/salmonacres?utm_source=TS-WEBSITE&utm_medium=website-link
Title: Salmon Acres

Search URL Search Domain Scan URL

URL: https://connect.socialtables.com/microsite/2806
Title: Floor Plans and Layouts

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TurningStoneResort
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/turningstone/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/TurningStone
Title: Twitter

Search URL Search Domain Scan URL

URL: https://goo.gl/maps/vWsbhEmZN1HVJPDj7
Title: Get Directions

Search URL Search Domain Scan URL

URL: http://www.facebook.com/TurningStoneResort

Search URL Search Domain Scan URL

URL: https://instagram.com/turningstone

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/turning-stone-resort-casino/id722351897

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.joingo.tsrc&hl=en_US

Search URL Search Domain Scan URL

URL: http://www.oneidaindiannation.com/

Search URL Search Domain Scan URL

URL: https://www.onenterprises.com/careers
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.google.com/maps/place/Turning+Stone+Resort+Casino/@43.1152275,-75.5916637,17z/data=!3m1!4b1!4m5!3m4!1s0x89d973dc14c2ffbd:0x7bf71dd02d72ba2!8m2!3d43.1152275!4d-75.589475?hl=en

Search URL Search Domain Scan URL

URL: https://www.onenterprises.com/
Title: Oneida Nation Enterprises

Search URL Search Domain Scan URL

URL: https://www.oneidaindiannation.com/
Title: Oneida Indian Nation

Search URL Search Domain Scan URL

URL: http://www.oneidaindiannation.com/wp-content/uploads/2017/03/2016-Annual-Report.pdf
Title: 2016 Annual Report

Search URL Search Domain Scan URL

URL: http://www.ncrg.org/
Title: RESPONSIBLE GAMING LINK

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t1.on-enterprises.com/r/?id=h1507691,1c2d9cc,1c2d9dc&utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962 HTTP 302
https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://secure.adnxs.com/seg?add=627255&t=2 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D627255%26t%3D2

Request Chain 21

https://bcp.crwdcntrl.net/5/c=931/b=27138012 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=27138012

Request Chain 22

https://bcp.crwdcntrl.net/5/c=931/b=37480040 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=37480040

Request Chain 23

https://bcp.crwdcntrl.net/5/c=931/b=37480100 HTTP 302
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=37480100

Request Chain 66

https://8121658.fls.doubleclick.net/activityi;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257 HTTP 302
https://8121658.fls.doubleclick.net/activityi;dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257

Request Chain 67

https://2196496.fls.doubleclick.net/activityi;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365 HTTP 302
https://2196496.fls.doubleclick.net/activityi;dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365

Request Chain 73

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=EA2A50662D6D4C65A3EC3481C84879BD&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=EA2A50662D6D4C65A3EC3481C84879BD&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

Request Chain 74

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 75

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=EA2A50662D6D4C65A3EC3481C84879BD HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 76

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=EA2A50662D6D4C65A3EC3481C84879BD HTTP 302
https://d.agkn.com/pixel/10751/?che=1640977287&ip=185.213.155.169&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164850404017000392844 HTTP 302
https://um.simpli.fi/aa_px?sk=164850404017000392844

Request Chain 78

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 81

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=EA2A50662D6D4C65A3EC3481C84879BD;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=EA2A50662D6D4C65A3EC3481C84879BD;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NTI4MzUyMzgwNjMzODg5MzIzMg== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENf1iqonxQvde_yY7sXuFdU&google_cver=1

Request Chain 82

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=EA2A50662D6D4C65A3EC3481C84879BD&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=EA2A50662D6D4C65A3EC3481C84879BD&j=0&xl8blockcheck=1

Request Chain 84

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 85

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 86

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 87

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 88

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 89

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1640977333730&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1301970680&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=tVPPYc65OZel-gaCqq94&sscte=1&crd=CNPgGw HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=1301970680&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=tVPPYc65OZel-gaCqq94&cid=CAQSKQCNIrLMYwrNC13lo-njmmsF5uVJ1O7WH3QxwXLfwdn9Z5Ux2wutIvEL&random=1880867163 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=1301970680&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=tVPPYc65OZel-gaCqq94&cid=CAQSKQCNIrLMYwrNC13lo-njmmsF5uVJ1O7WH3QxwXLfwdn9Z5Ux2wutIvEL&random=1880867163&ipr=y&prhg=0

Request Chain 90

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EA2A50662D6D4C65A3EC3481C84879BD HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EA2A50662D6D4C65A3EC3481C84879BD&__user_check__=1&sync_id=2a59828f-6a6c-11ec-a82f-1df4c96b0506

Request Chain 91

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 92

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EA2A50662D6D4C65A3EC3481C84879BD&expires=365

Request Chain 93

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=EA2A50662D6D4C65A3EC3481C84879BD

Request Chain 94

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc= HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEIfU30gDcykiVGXq_djggJ8&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2A50662D6D4C65A3EC3481C84879BD HTTP 302
https://um.simpli.fi/g_match?id=

Request Chain 101

https://10448040.fls.doubleclick.net/activityi;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962 HTTP 302
https://10448040.fls.doubleclick.net/activityi;dc_pre=CMyVzPjcjvUCFc04Gwod3okHzw;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962

Request Chain 123

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2673738&time=1640977334099&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962 HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2673738%26time%3D1640977334099%26url%3Dhttps%253A%252F%252Fwww.turningstone.com%252Fgaming%252Fslots%253Famp%253Butm_source%253DADOBE%2526amp%253Butm_medium%253Demail%2526amp%253Butm_campaign%253DON_GM_RESORT_EM_RESWKLY_2112XXW%2526amp%253Butm_profileid%253D5af2da77-82fb-423c-9744-8bf022b23962%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2673738&time=1640977334099&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2673738&time=1640977334099&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&liSync=true&e_ipv6=AQKRyHh0lDWLUwAAAX4R3wDIq7ZnoJlGwmiY-6FG3VyQi1X4Odd7zszlh5jkmNS3b6UoXmX_

Request Chain 125

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/3/10343 HTTP 302
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

Request Chain 149

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTkxNzc1OTM5MjMyOTA1NTE5NA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGGt13N4fe9w7kLiMQTHTGw&google_cver=1

Request Chain 151

https://stags.bluekai.com/site/4722?id=1917759392329055194&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=lt8%2Bv8kZ99eWxz2C&forward=

Request Chain 153

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1917759392329055194&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1917759392329055194&redir=

Request Chain 154

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=1917759392329055194&bid=omt9pi0

Request Chain 157

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1917759392329055194&referrer=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962 HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=d8b9c1e6-9b45-48e6-9926-1d9ced9addf6%3A1640977335.09&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd8b9c1e6-9b45-48e6-9926-1d9ced9addf6%253A1640977335.09 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=d8b9c1e6-9b45-48e6-9926-1d9ced9addf6%3A1640977335.09 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENLkfB5Tcfdh5T3PPC3jPgE&google_cver=1

Request Chain 159

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759392329055194&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759392329055194&forward=&C=1

Request Chain 166

https://x.bidswitch.net/sync?dsp_id=119&user_id=1917759392329055194&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1917759392329055194&expires=30

Request Chain 167

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Yc9TtwACEHPvFwBK HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=Yc9TtwACEHPvFwBK&_test=Yc9TtwACEHPvFwBK

Request Chain 168

https://www.pinterest.com/ct.html HTTP 302
https://www.pinterest.de/ct.html

178 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request slots Show response
www.turningstone.com/gaming/
Redirect Chain

https://t1.on-enterprises.com/r/?id=h1507691,1c2d9cc,1c2d9dc&utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf...
https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962

170 KB
26 KB

1173ms
583ms

Document
text/html

52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

4a040ecf49762ec6af1fff03bfcac4ef901659a5141d188d69b80bb2d6ca0a57

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 31 Dec 2021 19:02:12 GMT
Server: Apache
Strict-Transport-Security: max-age=0; includeSubDomains
X-Frame-Options: SAMEORIGIN
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: max-age=600, private, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Connection: keep-alive, Keep-Alive
Content-Length: 25573
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=ISO-8859-1

Redirect headers

date: Fri, 31 Dec 2021 19:02:11 GMT
content-type: text/plain; charset=utf-8
content-length: 17
location: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
server: Apache
p3p: CP="CAO DSP COR CURa DEVa TAIa OUR BUS IND UNI COM NAV"
x-robots-tag: noindex

GET
H2 200 css
fonts.googleapis.com/ 26 KB
2 KB 615ms
247ms Stylesheet
text/css 2a00:1450:4019:805::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Requested by

Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:805::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 18:26:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 31 Dec 2021 19:02:13 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 Dec 2021 19:02:13 GMT

GET
H/1.1 200
OK combined.css
www.turningstone.com/css/ 279 KB
39 KB 178ms
103ms Stylesheet
text/css 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/css/combined.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b8aa46c67dd12b1fb7f59d7fb3f8457bc5a846b781411711cbaf030630534b7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 39762
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 31 Oct 2019 09:34:29 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=31536000, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 30 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK style.css
www.turningstone.com/css/ 343 KB
49 KB 298ms
106ms Stylesheet
text/css 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/css/style.css?v=2481575

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

936ce48a0474a9b732df095ec42b7adc4cf319bf8524e689a34454c6e9be46b8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 49669
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 27 Dec 2021 13:29:41 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=31536000, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 30 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK galleria.classic.css
www.turningstone.com/css/ 6 KB
2 KB 288ms
97ms Stylesheet
text/css 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/css/galleria.classic.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0c2df48b15ce4283326521f6d7e14d9c6f8d8f29cf9adf915518eacf586b5488

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 1113
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 06 Dec 2019 09:47:49 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=31536000, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 30 Jan 2022 19:02:13 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 32ms
13ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 4301392
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 5631
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P05PVXrr4kz2FB0z8bu%2FTTkHf90EJLYES653tg6IsDYXoTR80ie6Bycja%2Bp8xkhn%2B7iEysklt%2F0gmSrwrj6TYNaaHFOq8eArA3Y%2B44%2BNpgnL29PXNB1iwMv2jwBsXKn3l3VNF0TMq9vPnT%2BMzRtND6%2B8"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c65c2caff9d5c5c-FRA
expires: Wed, 21 Dec 2022 19:02:12 GMT

GET
H/1.1 200
OK slick-custom.css
www.turningstone.com/css/ 2 KB
1 KB 289ms
97ms Stylesheet
text/css 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/css/slick-custom.css

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2467642156aaba136509f56fd54df5e1804491f0717e529a24310b4d949f35b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 612
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 29 Oct 2021 06:40:44 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: text/css
Cache-Control: max-age=31536000, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 30 Jan 2022 19:02:13 GMT

GET
H2 200 all.css
pro.fontawesome.com/releases/v5.9.0/css/ 81 KB
17 KB 60ms
22ms Stylesheet
text/css 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.9.0/css/all.css
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 91a9d7a29fe8f1823c99e7ba6a8e872a0851cb04908948ac07aa576fa1d1b169

Request headers

Referer: https://www.turningstone.com/
Origin: https://www.turningstone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:12 GMT
content-encoding: gzip
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 919613
x-amz-request-id: 9F4K4HCA2KBPZPTM
x-amz-id-2: LcCYuUKzBi5MPAzaDnIN5QNXhGkFO5nl97gcnrJlehm+2bD+ZP66bw4J/9onTjBJf+LNmxTGl5A=
last-modified: Mon, 28 Jun 2021 17:42:06 GMT
server: cloudflare
etag: W/"99fdcce3ee72649d41648e469aae48e0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 6c65c2cb19e605e4-FRA

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 67ms
21ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=67565&action=100&segment=wsyrturningstonecasinoandresort&m=1&sifi_tuid=38783

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: FsXsMNFAwzpVnfTH3ywh
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 66ms
20ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=67565&conversion=10&campaign_id=0&m=1&c=turningstonecasinoandresortwsyr&sifi_tuid=38784

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: FsXsMNFQlqIM52PmtUgC
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK combined.js Show response
www.turningstone.com/js/ 547 KB
156 KB 296ms
104ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/combined.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

8e66a74935062224e1db11dbd0c39e3d5ea0ee272b2471d8617a49a6c95a20a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Transfer-Encoding: chunked
Connection: keep-alive, Keep-Alive
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 11 Nov 2019 07:16:48 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK modernizr.min.js Show response
www.turningstone.com/js/ 11 KB
5 KB 289ms
97ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/modernizr.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 4511
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 14 Dec 2020 08:25:46 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK galleria.js Show response
www.turningstone.com/js/ 213 KB
48 KB 376ms
104ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/galleria.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

0d834516b1858ff8962556029c855d4938f949677db8a9d8835b8c978e016119

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 48676
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 06 Dec 2019 09:47:49 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK galleria.classic.js Show response
www.turningstone.com/js/ 4 KB
2 KB 385ms
97ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/galleria.classic.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

017bde2ec4565c43de5d457723329ddfc1509ec1b4a2528280901f1bdba55383

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 1180
X-XSS-Protection: 1; mode=block
Last-Modified: Fri, 06 Dec 2019 09:47:49 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 151 KB
50 KB 156ms
69ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCrqv-RXGLY0dD0fOAp6izluiITBFiZC6Y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

5c578caeb2fbad8b9590f1bea49b97cbcdd2b06bae2fb57522ebf235c32df505

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
content-encoding: gzip
vary: Accept-Language
server: mafe
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=21
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50572
x-xss-protection: 0
expires: Fri, 31 Dec 2021 19:32:13 GMT

GET
H/1.1 200
OK jquery.matchHeight.js Show response
www.turningstone.com/js/ 11 KB
3 KB 388ms
98ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/jquery.matchHeight.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

9aafb465a39e5ce9cdea0237c57406e0df413bf382e5064ab689f0ff5fb997a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 3033
X-XSS-Protection: 1; mode=block
Last-Modified: Tue, 28 Mar 2017 05:40:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK functions.js Show response
www.turningstone.com/js/ 21 KB
5 KB 386ms
97ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/functions.js?v=2481575

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3da13c424db4d8911082f88e9659a5ed15ae29947b3f3b8760cc7a6119e8140e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 4546
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 29 Dec 2021 13:01:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK awt_analytics.js Show response
analytics.aweber.com/js/ 3 KB
3 KB 387ms
92ms Script
text/javascript 204.194.222.24
AWEBER-SYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.aweber.com/js/awt_analytics.js?id=1g4Oc
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 204.194.222.24 , United States, ASN11810 (AWEBER-SYSTEMS, US),
Reverse DNS: analytics.aweber.com
Software: /
Resource Hash: 6af7cd3ff7ffbe36b57045563dffcf79630ed00aa9f68b9bf018603c83edf732

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Last-Modified: Tue, 10 Aug 2021 15:10:47 GMT
Vary: User-Agent
Content-Type: text/javascript
Cache-Control: max-age=2592000
Accept-Ranges: bytes
Content-Length: 3261
Expires: Sun, 30 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK slick.min.js Show response
www.turningstone.com/js/ 42 KB
11 KB 474ms
97ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/slick.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 10437
X-XSS-Protection: 1; mode=block
Last-Modified: Thu, 11 Apr 2019 12:52:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK jquery.cookie.min.js Show response
www.turningstone.com/js/ 1 KB
1 KB 481ms
96ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/jquery.cookie.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 697
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 03 Jun 2020 05:10:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
970 B 131ms
47ms Script
text/javascript 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f5844d119b0d7d2d0f427bb92c5e16959b51f66509c63bf2f44a4795d7886537

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 557
x-xss-protection: 1; mode=block
expires: Fri, 31 Dec 2021 19:02:13 GMT

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?add=627255&t=2
https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D627255%26t%3D2

43 B
1 KB

8ms
7ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D627255%26t%3D2

Requested by

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 8e5dc70d-9d98-4560-8205-85a63c97bf4d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 539.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 593f53eb-b96b-43d1-a2d3-764e9ecfa30c
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D627255%26t%3D2
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

b=27138012
bcp.crwdcntrl.net/5/ct=y/c=931/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=931/b=27138012
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=27138012

49 B
736 B

50ms
49ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=27138012
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.26.14
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=27138012
cache-control: no-cache
x-server: 10.45.24.26
content-length: 0
expires: 0

GET
H2

200

b=37480040
bcp.crwdcntrl.net/5/ct=y/c=931/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=931/b=37480040
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=37480040

49 B
736 B

85ms
84ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=37480040
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.31.9
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=37480040
cache-control: no-cache
x-server: 10.45.9.20
content-length: 0
expires: 0

GET
H2

200

b=37480100
bcp.crwdcntrl.net/5/ct=y/c=931/
Redirect Chain

https://bcp.crwdcntrl.net/5/c=931/b=37480100
https://bcp.crwdcntrl.net/5/ct=y/c=931/b=37480100

49 B
736 B

118ms
117ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=37480100
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.0.34
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/5/ct=y/c=931/b=37480100
cache-control: no-cache
x-server: 10.45.24.209
content-length: 0
expires: 0

GET
H/1.1 200
OK logo.png
www.turningstone.com/images/ 4 KB
5 KB 99ms
96ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/images/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b9f0748c8e7fd8c3ce8f2ab8aa6ea0f16d5398ce06df08c0e6458cae875a81ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 26 Feb 2021 12:45:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 4278
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK redarrow.png
www.turningstone.com/img/ 1 KB
2 KB 97ms
97ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/img/redarrow.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f0cd443d83c3cee918d86f8188a417ea6ebdb6d74678c41b6773b56f66e4de0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 11:07:06 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 1229
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK 1484645945blu-casino-main-overall-flattened-529x172.jpg
www.turningstone.com/uploads/category/resized/ 1 MB
1 MB 311ms
97ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1484645945blu-casino-main-overall-flattened-529x172.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

dc37210bdd2e6f1b0c1ea7295c47c9cb272255e20f720d6d7e6d4a2d411bb7b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 09 Mar 2017 10:07:39 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1443208
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK 1484646198turning-stone-resort-the-lodge-1-529x172.jpg
www.turningstone.com/uploads/category/resized/ 46 KB
47 KB 174ms
96ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1484646198turning-stone-resort-the-lodge-1-529x172.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b2b50ff69b1550aa06c277b8c94f59c237c8a049b4b7a2e72c3f7069caef0840

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Jan 2017 09:43:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 47558
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK 1612362528293839-dining-hero-image-529x172.jpg
www.turningstone.com/uploads/category/resized/ 41 KB
42 KB 115ms
96ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1612362528293839-dining-hero-image-529x172.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

61c61bdedc23bebdc7e01c284d071bc40d21cd6ad1d3a16a8d0fba600d96b747

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 03 Feb 2021 14:28:53 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 42085
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK 16304188711625602415entertainment-events-page-1800x1200-529x172.jpg
www.turningstone.com/uploads/category/resized/ 26 KB
27 KB 383ms
97ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/16304188711625602415entertainment-events-page-1800x1200-529x172.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

efbb08a3fd3cf65d79d1726c95cf23ba7fa2c39eb35dd6916cb9cd16426ea68c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 31 Aug 2021 14:07:55 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 27079
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK 1483987413atunyote-panoramic_1200tall-529x172.jpg
www.turningstone.com/uploads/category/resized/ 167 KB
167 KB 98ms
97ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1483987413atunyote-panoramic_1200tall-529x172.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

100e3c8cce2f464a96eca460fa781859f8134b8b4c1ed2d677cec1f56efc5316

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Apr 2017 09:25:40 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 170910
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK 1483982357skana_lobby_3200x1200-529x172.jpg
www.turningstone.com/uploads/category/resized/ 180 KB
180 KB 288ms
96ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1483982357skana_lobby_3200x1200-529x172.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

a284578ae52bed337852df2eee6e8dd7f41adda59ba3cd33601b4cdf5b438f90

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Apr 2017 09:26:46 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 184144
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK 1638484661nightlife_3200x1200-529x172.jpg
www.turningstone.com/uploads/category/resized/ 47 KB
48 KB 97ms
96ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1638484661nightlife_3200x1200-529x172.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

d199e471269e22f99bb0ee11256be4cb297ec0ef90fd20ec28922f258029d332

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 02 Dec 2021 22:37:46 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 48255
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK 1491468812%5E09b0909c9012fc9165e96825cc4e0c4b087635e0b46ec21565%5Epimgpsh_fullsize_distr-529x172.png
www.turningstone.com/uploads/category/resized/ 188 KB
189 KB 97ms
97ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1491468812%5E09b0909c9012fc9165e96825cc4e0c4b087635e0b46ec21565%5Epimgpsh_fullsize_distr-529x172.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

386339fee19f807acd9125ee5310424eb72d516d12db4f0fb234ce56514b8907

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 06 Apr 2017 08:53:58 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 192726
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK 1617889708weddings-hero-529x172.jpg
www.turningstone.com/uploads/category/resized/ 23 KB
23 KB 389ms
97ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1617889708weddings-hero-529x172.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

49d4a702eaabf391f61f53307964a6a4236b30b8f4f3cdadaef20f0f82af56dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 08 Apr 2021 13:48:37 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 23182
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK jquery.validate.min.js Show response
www.turningstone.com/js/ 24 KB
8 KB 97ms
97ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/jquery.validate.min.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

328dd32ad02a8c9edd0f99a407cbfe22c6c98eadb551c8fbe77ffc084b756c12

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 7815
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 21 Oct 2020 05:29:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H/1.1 200
OK 1633449775ts_slotshero_3200x1200.jpg
www.turningstone.com/uploads/category/resized/ 139 KB
139 KB 426ms
101ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1633449775ts_slotshero_3200x1200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

07396aad7ac4fe783410539e617c24c840360243ec39cee54b02f34f6ec3ff76

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 05 Oct 2021 16:03:00 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 142296
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK Coin-Combo-1800X1200.jpg
www.turningstone.com/uploads/document/Slots/ 2 MB
2 MB 446ms
99ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/document/Slots/Coin-Combo-1800X1200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

67e734d448797831b0927797e9dd77f8fa3abce08ba95baa0cf411b6b53c71ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Nov 2021 21:16:07 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 2063791
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 484006-Image-Sourcing---Promotions_1050x1270.jpg
www.turningstone.com/uploads/document/big-winners/ 441 KB
441 KB 100ms
99ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/document/big-winners/484006-Image-Sourcing---Promotions_1050x1270.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f64c35bebf2deb90fb5078331a1d5e9926ab9bb49b551d0afecdcf064c2aa09f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Nov 2021 21:31:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 451192
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 484006-Image-Sourcing---TS_Rewards_1050x1270.jpg
www.turningstone.com/uploads/document/big-winners/ 248 KB
248 KB 104ms
104ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/document/big-winners/484006-Image-Sourcing---TS_Rewards_1050x1270.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

db81ccd7d6d4068dc088b0f3f8cca6bd80611fb2495fd171248f3936a7be569d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Nov 2021 21:31:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 253816
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 484006-Image-Sourcing---Slots_1050x1270.jpg
www.turningstone.com/uploads/document/big-winners/ 297 KB
297 KB 99ms
98ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/document/big-winners/484006-Image-Sourcing---Slots_1050x1270.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

5ba4dd23c9c00cb89b87fa2021fa9ddaec9e2664a409eb469fc164a8ef12f285

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Nov 2021 21:31:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 303681
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 484006-Image-Sourcing---Bingo_1050x1270.jpg
www.turningstone.com/uploads/document/big-winners/ 299 KB
299 KB 99ms
99ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/document/big-winners/484006-Image-Sourcing---Bingo_1050x1270.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

005871e2ceaf4a09cc755c9d93e28a87f3e1df0aeb33069f1da2d5513bfcfcad

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Nov 2021 21:31:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 305940
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 484006-Image-Sourcing---Poker_1050x1270.jpg
www.turningstone.com/uploads/document/big-winners/ 246 KB
247 KB 102ms
101ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/document/big-winners/484006-Image-Sourcing---Poker_1050x1270.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b53f94591e4fcf57b3f4e660eeec00ace3319593a6a4aed17957b00a288779e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 18 Nov 2021 21:31:43 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 252206
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 1639674453674091-cold-nights-hot-rates-1800x1200.jpg
www.turningstone.com/uploads/category/resized/ 247 KB
248 KB 98ms
98ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1639674453674091-cold-nights-hot-rates-1800x1200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

1651ffc0e8153c8a8f7d9b88db286103ba68aecc8577cb0127839d4577a02752

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 16 Dec 2021 17:07:39 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 252995
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 16092614621601574849218819-update-packages-experiencets.jpg
www.turningstone.com/uploads/category/resized/ 53 KB
53 KB 97ms
97ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/16092614621601574849218819-update-packages-experiencets.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

ff0798d2bdf63cf8331adc8bd82146a2126f09a0bdf14b96492b0ac1f679a22a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 29 Dec 2020 17:04:26 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 54042
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 1591251516sleepandsavor_1800x1200.jpg
www.turningstone.com/uploads/category/resized/ 106 KB
107 KB 97ms
97ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1591251516sleepandsavor_1800x1200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

7f02555c17ab01620911be6088305c7137bfc6ae29f1d2811ce7beddb8437d5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Jun 2020 06:18:42 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 109001
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 1591251483romance_1800x1200.jpg
www.turningstone.com/uploads/category/resized/ 85 KB
86 KB 100ms
98ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1591251483romance_1800x1200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

799c11bc88ff18b22afdb85c0b478a7b18f26fb1a546d50127d3b92ff022f0a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 04 Jun 2020 06:18:08 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 87471
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK 1615409645333571-golf-champions-package-1800x1200.jpg
www.turningstone.com/uploads/category/resized/ 302 KB
303 KB 97ms
97ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/uploads/category/resized/1615409645333571-golf-champions-package-1800x1200.jpg

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

4a717dfa2069b9d19dcc70fb89d06dd255fabf6c04dd76bafcf30429e60043b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 10 Mar 2021 20:54:10 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=91
Content-Length: 309709
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK up-arrow-64.png
www.turningstone.com//images/ 5 KB
5 KB 446ms
99ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com//images/up-arrow-64.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

8fb42be2ad06b29952e4cfbc8fa7dd750d279a14da0db7a4c7074d315f43f3c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 07 Jul 2021 11:51:29 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 4984
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK logo.png
www.turningstone.com/css/images/icons/ 4 KB
5 KB 227ms
97ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/css/images/icons/logo.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b9f0748c8e7fd8c3ce8f2ab8aa6ea0f16d5398ce06df08c0e6458cae875a81ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 31 Jan 2020 06:44:15 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 4278
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK AppStore_300x50-1.png
www.turningstone.com/images/ 1 KB
2 KB 98ms
97ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/images/AppStore_300x50-1.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

495730ab6c4cd6fda6b4bceea679627426fbd35c92e8ee4c1df8338cd0f27972

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jun 2020 10:23:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1144
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK GooglePlay_300x50-1.png
www.turningstone.com/images/ 2 KB
2 KB 97ms
97ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/images/GooglePlay_300x50-1.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

4f016390d74449ac54c4abb06c1cce327869c12094eefa281a82edd177a10873

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 23 Jun 2020 10:23:35 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1655
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK oneida-indian-nation-logo-white.png
www.turningstone.com/images/ 15 KB
15 KB 99ms
98ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/images/oneida-indian-nation-logo-white.png

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

58996cb25c8f85b6473989315c8be1794c3dd0e152f277c1e807a54b5e2c8d4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Mar 2017 05:40:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 15262
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK jquery.stickytabs.js Show response
www.turningstone.com/js/ 2 KB
1 KB 97ms
97ms Script
application/javascript 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.turningstone.com/js/jquery.stickytabs.js

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

2636ea404ac34dcd06c8e94340b120caaa02e9747aa6e474c082459281e9f45a

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Connection: keep-alive, Keep-Alive
Content-Length: 859
X-XSS-Protection: 1; mode=block
Last-Modified: Wed, 29 Dec 2021 13:01:16 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: application/javascript
Cache-Control: max-age=1209600, private
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Expires: Sun, 02 Jan 2022 19:02:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 269 KB
71 KB 189ms
106ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TP825TH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

22935f8bfdb9a99c10b6a8966983c0501d1ce122ff5db52cc80fcc53660230f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 72620
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 Dec 2021 19:02:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 92 KB
36 KB 129ms
64ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5HWCRMH

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8a4f8f364f52615da9e852ad434bb366a308d0ceac05cad7e5ffb5c9946588fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36001
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 Dec 2021 19:02:13 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 133ms
37ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.turningstone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:52:02 GMT
x-content-type-options: nosniff
age: 18611
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:52:02 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 348 KB
137 KB 125ms
38ms Script
text/javascript 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.turningstone.com/
Origin: https://www.turningstone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 17:17:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 6281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 139097
x-xss-protection: 0
last-modified: Mon, 13 Dec 2021 05:04:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin-allow-popups; report-to="recaptcha"
expires: Sat, 31 Dec 2022 17:17:32 GMT

GET
H/1.1 200
OK ico-magnifying-glass.png
www.turningstone.com/css/images/icons/ 3 KB
4 KB 188ms
97ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/css/images/icons/ico-magnifying-glass.png

Requested by

Host: www.turningstone.com
URL: https://www.turningstone.com/css/style.css?v=2481575

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

f52e83b4a04d8588b5482dd316b1f7ea450733e6a236e30f0119f90693df691d

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/css/style.css?v=2481575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Mar 2017 05:40:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 3372
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK bg-pattern.jpg
www.turningstone.com/css/images/ 8 KB
9 KB 212ms
96ms Image
image/jpeg 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/css/images/bg-pattern.jpg

Requested by

Host: www.turningstone.com
URL: https://www.turningstone.com/css/style.css?v=2481575

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

b82eaab6f470ecfbc55a05a217839a1f0c2d64d0816918f8edb3d6ed808c7b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/css/style.css?v=2481575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Mar 2017 05:40:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/jpeg
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 8348
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK ico-twitter.png
www.turningstone.com/css/images/icons/ 1 KB
2 KB 97ms
97ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/css/images/icons/ico-twitter.png

Requested by

Host: www.turningstone.com
URL: https://www.turningstone.com/css/style.css?v=2481575

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

72666face3072120d9d8dd56a01cab2bf6e3750a16599153e1d6c8b125fcfc45

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/css/style.css?v=2481575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Mar 2017 05:40:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=90
Content-Length: 1215
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK ico-facebook.png
www.turningstone.com/css/images/icons/ 1 KB
1 KB 98ms
97ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/css/images/icons/ico-facebook.png

Requested by

Host: www.turningstone.com
URL: https://www.turningstone.com/css/style.css?v=2481575

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

3637411c1a0c011f40b41ea69b3ef5cd86a1d75a6963b0f694a8d1b39b44e128

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/css/style.css?v=2481575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Mar 2017 05:40:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 1044
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK ico-instagram.png
www.turningstone.com/css/images/icons/ 1 KB
2 KB 97ms
96ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/css/images/icons/ico-instagram.png

Requested by

Host: www.turningstone.com
URL: https://www.turningstone.com/css/style.css?v=2481575

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

871415d52c0c3e3d4b0cfd806ca6295a5c3daf8164489564cad7bbd2429f1dec

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/css/style.css?v=2481575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Tue, 28 Mar 2017 05:40:03 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1232
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK oneida-ts.png
www.turningstone.com/css/images/ 1 KB
2 KB 96ms
96ms Image
image/png 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/css/images/oneida-ts.png

Requested by

Host: www.turningstone.com
URL: https://www.turningstone.com/css/style.css?v=2481575

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

26266edc6cdfb076d253b155c8829316ab90cf0615a7579287ba40f606a6be7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/css/style.css?v=2481575
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Fri, 25 Aug 2017 10:28:22 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/png
Cache-Control: max-age=1209600, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 1074
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H/1.1 200
OK sidebarv2.js Show response
www.bugherd.com/ 19 B
724 B 333ms
109ms Script
text/javascript 54.237.133.81
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.bugherd.com/sidebarv2.js?apikey=omoto6ieyjxmxgqsbb4hqq

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.237.133.81 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-237-133-81.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

55232dd39e62d18f8a17fa1d3d2f48616c0c1a702a053a62e9289bacc00191d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-Permitted-Cross-Domain-Policies: none
P3p: CP="NOI ADM DEV COM NAV OUR STP"
Connection: close
X-Xss-Protection: 1; mode=block
X-Request-Id: b86081ae-d163-4d45-a4c6-122e72858a49
X-Runtime: 0.010821
Referrer-Policy: strict-origin-when-cross-origin
Server: Cowboy
X-Frame-Options: SAMEORIGIN
Etag: W/"9a67684efddbca3d1dc54fab3b062da5"
X-Download-Options: noopen
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains
Content-Type: text/javascript; charset=utf-8
Via: 1.1 vegur
Cache-Control: max-age=0, private, must-revalidate

GET
H2 200 activity;xsp=4435572;ord=1;num=9688850788715.404
pubads.g.doubleclick.net/ 42 B
635 B 161ms
74ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4435572;ord=1;num=9688850788715.404?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

activityi;dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257 Show response
8121658.fls.doubleclick.net/ Frame 3D66
Redirect Chain

https://8121658.fls.doubleclick.net/activityi;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257?
https://8121658.fls.doubleclick.net/activityi;dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578...

506 B
415 B

99ms
51ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8121658.fls.doubleclick.net/activityi;dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

72faf1b7286dd11b38be3621931821c54bb564d5e015198770ea1f4862ef52e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8121658.fls.doubleclick.net/activityi;dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

activityi;dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365 Show response
2196496.fls.doubleclick.net/ Frame 987A
Redirect Chain

https://2196496.fls.doubleclick.net/activityi;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365?
https://2196496.fls.doubleclick.net/activityi;dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365?

503 B
409 B

100ms
52ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2196496.fls.doubleclick.net/activityi;dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

2da579fa2daab52cbb0861543097f591233d0713b4bc460e20f2cbcf655a6e76

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:13 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://2196496.fls.doubleclick.net/activityi;dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 57ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/67E2) /
Resource Hash: 97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:13 GMT
Content-Encoding: gzip
Last-Modified: Thu, 02 Dec 2021 21:35:27 GMT
Server: ECS (frb/67E2)
Age: 63
Etag: "50ec7e701ed018305368886c39cac301+gzip"
Vary: Accept-Encoding
x-tw-cdn: VZ
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Content-Length: 29126

GET
H3 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 29ms
19ms Font
application/octet-stream 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://www.turningstone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1370692
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 77160
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kDlUg8jw0jdV%2Brr7W5PTTltNO0DFt05m8HDZCUcOdQxpvrZcNiLcrifNjjP9O6AE%2BvwiLO7lejt5AHuI2fv0LrZgVmucmSObSYziD0pr%2BKdP%2F%2BT6HNFtNN2oCitJrvyW83fdugeOuUI0NFlMZDEHZypE"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c65c2cfab0a5be9-FRA
expires: Wed, 21 Dec 2022 19:02:13 GMT

GET
H/1.1 200
OK ajax-loader.gif
www.turningstone.com/css/ 2 KB
2 KB 96ms
96ms Image
image/gif 52.4.31.208
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.turningstone.com/css/ajax-loader.gif

Requested by

Host: www.turningstone.com
URL: https://www.turningstone.com/css/combined.css

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

52.4.31.208 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-4-31-208.compute-1.amazonaws.com

Software

Apache /

Resource Hash

4fe365bba5c26b00acdae240655b7642062b1b082c09971a6d0c3f1f8c8108e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/css/combined.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 13 Nov 2019 09:22:59 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Connection: keep-alive, Keep-Alive
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Strict-Transport-Security: max-age=0; includeSubDomains
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=92
Content-Length: 1849
X-XSS-Protection: 1; mode=block
Expires: Sat, 31 Dec 2022 19:02:14 GMT

GET
H2 200 fa-solid-900.woff2
pro.fontawesome.com/releases/v5.9.0/webfonts/ 120 KB
121 KB 19ms
19ms Font
font/woff2 2606:4700::6812:1634
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://pro.fontawesome.com/releases/v5.9.0/webfonts/fa-solid-900.woff2
Requested by: Host: pro.fontawesome.com
URL: https://pro.fontawesome.com/releases/v5.9.0/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1634 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f8926aaf27b0ac1f14f2ea91d7d921fc594638c4299c3d075d120de37eca77f

Request headers

Referer: https://pro.fontawesome.com/releases/v5.9.0/css/all.css
Origin: https://www.turningstone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cf-cache-status: HIT
age: 15986548
cf-ray: 6c65c2cfa94b05e4-FRA
content-length: 123116
x-amz-id-2: qwULHaKb2w0Jnl3ulLHGoSadOmen+Ug6VVgGIOKcsd9xDncq+QQEE4XSCUby+IAuZEoO+ObOZfQ=
last-modified: Mon, 28 Jun 2021 17:43:14 GMT
server: cloudflare
etag: "01ab51e9ff8aa7a971f99f6df25fd31f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: TXVK4ZQXXG8WAZAN
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
content-type: font/woff2

GET
H2 200 p Show response
i.simpli.fi/ 774 B
1 KB 15ms
15ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=67565&conversion=10&campaign_id=0&m=1&c=turningstonecasinoandresortwsyr&sifi_tuid=38784

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

2dc7d8dd9b8f40e14240fe3fb86c1897a62ad607cbbde678af6dff1980d5a032

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=EA2A50662D6D4C65A3EC3481C84879BD&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=EA2A50662D6D4C65A3EC3481C84879BD&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

37 B
352 B

11ms
9ms

Image
image/gif

13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=EA2A50662D6D4C65A3EC3481C84879BD&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=EA2A50662D6D4C65A3EC3481C84879BD&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
date: Fri, 31 Dec 2021 19:02:13 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=EA2A50662D6D4C65A3EC3481C84879BD

43 B
183 B

366ms
110ms

Image
image/gif

2600:1f18:612b:4200:ee57:5bc8:4ac0:7a5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=EA2A50662D6D4C65A3EC3481C84879BD
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 2600:1f18:612b:4200:ee57:5bc8:4ac0:7a5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=EA2A50662D6D4C65A3EC3481C84879BD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=EA2A50662D6D4C65A3EC3481C84879BD
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EA2A50662D6D4C65A3EC3481C84879BD

95 B
425 B

21ms
21ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EA2A50662D6D4C65A3EC3481C84879BD

Requested by

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=EA2A50662D6D4C65A3EC3481C84879BD
date: Fri, 31 Dec 2021 19:02:13 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=EA2A50662D6D4C65A3EC3481C84879BD
https://d.agkn.com/pixel/10751/?che=1640977287&ip=185.213.155.169&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164850404017000392844
https://um.simpli.fi/aa_px?sk=164850404017000392844

43 B
367 B

15ms
14ms

Image
image/gif

169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164850404017000392844

Requested by

Protocol

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:13 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164850404017000392844
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 nexage
um.simpli.fi/ 43 B
415 B 22ms
14ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/nexage

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EA2A50662D6D4C65A3EC3481C84879BD

0
0

47ms
7ms

Image
text/html

13.225.73.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EA2A50662D6D4C65A3EC3481C84879BD
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 13.225.73.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-73-121.fra2.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EA2A50662D6D4C65A3EC3481C84879BD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
415 B 18ms
14ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
415 B 18ms
14ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=EA2A50662D6D4C65A3EC3481C84879BD;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=EA2A50662D6D4C65A3EC3481C84879BD;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=NTI4MzUyMzgwNjMzODg5MzIzMg==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENf1iqonxQvde_yY7sXuFdU&google_cver=1

43 B
389 B

33ms
22ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENf1iqonxQvde_yY7sXuFdU&google_cver=1
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-4.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESENf1iqonxQvde_yY7sXuFdU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=EA2A50662D6D4C65A3EC3481C84879BD&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=EA2A50662D6D4C65A3EC3481C84879BD&j=0&xl8blockcheck=1

0
767 B

12ms
11ms

Image
text/plain

18.198.69.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=EA2A50662D6D4C65A3EC3481C84879BD&j=0&xl8blockcheck=1
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 18.198.69.109 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-69-109.eu-central-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=EA2A50662D6D4C65A3EC3481C84879BD&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
415 B 18ms
15ms Image
image/gif 169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=EA2A50662D6D4C65A3EC3481C84879BD

0
421 B

480ms
96ms

Image
text/plain

52.22.84.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=EA2A50662D6D4C65A3EC3481C84879BD
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Server: 52.22.84.205 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-22-84-205.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Connection: keep-alive
Date: Fri, 31 Dec 2021 19:02:13 GMT

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=EA2A50662D6D4C65A3EC3481C84879BD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=EA2A50662D6D4C65A3EC3481C84879BD

62 B
745 B

224ms
157ms

Image
image/gif

104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=EA2A50662D6D4C65A3EC3481C84879BD
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Server: 104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-215-191.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: bf0c
Content-Type: image/gif

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=EA2A50662D6D4C65A3EC3481C84879BD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2

200

tpid=EA2A50662D6D4C65A3EC3481C84879BD
bcp.crwdcntrl.net/map/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EA2A50662D6D4C65A3EC3481C84879BD

49 B
265 B

31ms
30ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EA2A50662D6D4C65A3EC3481C84879BD
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.13.126
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=EA2A50662D6D4C65A3EC3481C84879BD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=EA2A50662D6D4C65A3EC3481C84879BD

0
348 B

115ms
36ms

Image
text/plain

216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=EA2A50662D6D4C65A3EC3481C84879BD
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:13 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap7ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=EA2A50662D6D4C65A3EC3481C84879BD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=EA2A50662D6D4C65A3EC3481C84879BD

0
66 B

57ms
19ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=EA2A50662D6D4C65A3EC3481C84879BD
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=EA2A50662D6D4C65A3EC3481C84879BD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1640977333730&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=1301970680&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cook...
https://www.google.com/pagead/1p-conversion/1026675585/?random=1301970680&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ssct...
https://www.google.de/pagead/1p-conversion/1026675585/?random=1301970680&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...

42 B
108 B

136ms
52ms

Image
image/gif

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=1301970680&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=tVPPYc65OZel-gaCqq94&cid=CAQSKQCNIrLMYwrNC13lo-njmmsF5uVJ1O7WH3QxwXLfwdn9Z5Ux2wutIvEL&random=1880867163&ipr=y&prhg=0

Requested by

Protocol

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=1301970680&cv=7&fst=1640977333730&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=CNPgGw&is_vtc=1&ocp_id=tVPPYc65OZel-gaCqq94&cid=CAQSKQCNIrLMYwrNC13lo-njmmsF5uVJ1O7WH3QxwXLfwdn9Z5Ux2wutIvEL&random=1880867163&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EA2A50662D6D4C65A3EC3481C84879BD
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EA2A50662D6D4C65A3EC3481C84879BD&__user_check__=1&sync_id=2a59828f-6a6c-11ec-a82f-1df4c96b0506

43 B
548 B

18ms
16ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=EA2A50662D6D4C65A3EC3481C84879BD&__user_check__=1&sync_id=2a59828f-6a6c-11ec-a82f-1df4c96b0506
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=EA2A50662D6D4C65A3EC3481C84879BD&__user_check__=1&sync_id=2a59828f-6a6c-11ec-a82f-1df4c96b0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 47
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=EA2A50662D6D4C65A3EC3481C84879BD

43 B
1012 B

42ms
27ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=66&code=EA2A50662D6D4C65A3EC3481C84879BD

Requested by

Protocol

HTTP/1.1

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:13 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: a0c7be84-735e-4d02-b096-439734cc3e32
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://ib.adnxs.com/setuid?entity=66&code=EA2A50662D6D4C65A3EC3481C84879BD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EA2A50662D6D4C65A3EC3481C84879BD&expires=365

0
239 B

100ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EA2A50662D6D4C65A3EC3481C84879BD&expires=365
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=EA2A50662D6D4C65A3EC3481C84879BD&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=EA2A50662D6D4C65A3EC3481C84879BD

43 B
274 B

77ms
23ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=EA2A50662D6D4C65A3EC3481C84879BD
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Fri, 31 Dec 2021 19:02:13 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=EA2A50662D6D4C65A3EC3481C84879BD
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Thu, 30 Dec 2021 19:02:13 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm=&google_sc=&google_tc=
https://um.simpli.fi/g_match?id=&google_gid=CAESEIfU30gDcykiVGXq_djggJ8&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=EA2A50662D6D4C65A3EC3481C84879BD
https://um.simpli.fi/g_match?id=

0
326 B

15ms
15ms

Image
text/plain

169.50.137.182
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Requested by

Protocol

Server

169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b6.89.32a9.ip4.static.sl-reverse.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 30 Dec 2021 19:02:14 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK widget_iframe.21f942bb866c2823339b839747a0c50c.html Show response
platform.twitter.com/widgets/ Frame 6BC0 319 KB
103 KB 7ms
7ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.turningstone.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6739) /
Resource Hash: c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 1895747
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Fri, 31 Dec 2021 19:02:13 GMT
Etag: "8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified: Thu, 02 Dec 2021 21:34:18 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/6739)
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ
Content-Length: 105433

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 101ms
54ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCrqv-RXGLY0dD0fOAp6izluiITBFiZC6Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.turningstone.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3 200 memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v27/ 47 KB
47 KB 88ms
41ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800,800i

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.turningstone.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:44:20 GMT
x-content-type-options: nosniff
age: 19073
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47836
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:23 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:44:20 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 163 KB
60 KB 102ms
56ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-85B0Q711Z7&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP825TH

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

54076f0094f63a378026b6d4680501d20d9ff66f6edf3bcd30f8eaa22a79aca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61857
x-xss-protection: 0
expires: Fri, 31 Dec 2021 19:02:13 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 123ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP825TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 5240
date: Fri, 31 Dec 2021 17:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 31 Dec 2021 19:34:54 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
14 KB 65ms
57ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP825TH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14328
x-xss-protection: 0
server: cafe
etag: 12503521247758841375
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 19:02:13 GMT

GET
H3

200

activityi;dc_pre=CMyVzPjcjvUCFc04Gwod3okHzw;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A%2F... Show response
10448040.fls.doubleclick.net/ Frame 92B3
Redirect Chain

https://10448040.fls.doubleclick.net/activityi;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A...
https://10448040.fls.doubleclick.net/activityi;dc_pre=CMyVzPjcjvUCFc04Gwod3okHzw;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810...

623 B
509 B

55ms
55ms

Document
text/html

142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://10448040.fls.doubleclick.net/activityi;dc_pre=CMyVzPjcjvUCFc04Gwod3okHzw;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP825TH

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f6.1e100.net

Software

cafe /

Resource Hash

839139e1809ceda2eafa979e9b6fa69213e89a5159d7fb0ba13e0721e948455c

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:14 GMT
expires: Fri, 31 Dec 2021 19:02:14 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 484
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:13 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://10448040.fls.doubleclick.net/activityi;dc_pre=CMyVzPjcjvUCFc04Gwod3okHzw;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ebOneTag.js Show response
secure-ds.serving-sys.com/SemiCachedScripts/ 65 KB
21 KB 176ms
10ms Script
application/javascript 23.213.161.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP825TH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.213.161.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-73.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 9db647cc0699a4c4d65bf404e5c236f62131c59c07f8529a215015ce76a2896f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
content-encoding: gzip
last-modified: Mon, 27 Dec 2021 10:30:04 GMT
server
x-powered-by: ARR/2.5
etag: "29f545b6cfbd71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=158
accept-ranges: bytes
content-length: 20792

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
5 KB 37ms
8ms Script
application/x-javascript 143.204.94.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP825TH
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.94.161 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-94-161.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 05:47:57 GMT
Via: 1.1 ea2e21f6a5c3ec2f96b0dac1b769e00e.cloudfront.net (CloudFront)
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 47657
ETag: "98d98b3499058b76d58073cf8ede2f10"
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Connection: keep-alive
X-Amz-Cf-Pop: FRA50-C1
Accept-Ranges: bytes
Content-Length: 4593
X-Amz-Cf-Id: JFPvwHDNsXDAq25fUkLBMQzy5RmjdfgjQtKcPCBbb5NFZ3OLxbY5Bw==

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 1E02 0
0 67ms
19ms Document
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Fri, 31 Dec 2021 19:02:13 GMT
server: AC1.1

GET
H/1.1 200
OK analytics.min.js Show response
cdn.bttrack.com/js/15447/analytics/1.0/ 599 B
696 B 101ms
16ms Script
text/javascript 69.16.175.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.bttrack.com/js/15447/analytics/1.0/analytics.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP825TH
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.16.175.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: hwcdn.net
Software: /
Resource Hash: d73751c602869ed74f9f4ea61bbb66877dff9dc9f95042fc9ecbc3b2bfedea7e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
Content-Encoding: gzip
X-HW: 1640977334.dop249.am5.t,1640977334.cds147.am5.shn,1640977334.dop249.am5.t,1640977334.cds207.am5.c
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=42756
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 368

GET
H2 200 up.js Show response
cdn01.basis.net/assets/ 2 KB
1 KB 85ms
15ms Script
application/javascript 178.79.242.181
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn01.basis.net/assets/up.js?um=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TP825TH
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.181 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-181.fra.llnw.net
Software: AC1.1 /
Resource Hash: 5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 15:06:26 GMT
server: AC1.1
age: 270800
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
content-length: 1041
x-llid: bdf3b9f254392611ad9bb780c0747d52

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: k6Y20oh6E7e/dfQE4GYJ2MqhEHLbrqxqDr2/HvYgXOayyH/UbD1mUo7cWAaPxMJY2ek2a5a9/GnX4rd+D7DTCA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Fri, 31 Dec 2021 19:02:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 67ms
8ms Script
application/x-javascript 2600:9000:2156:5000:1:76cf:fe80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:5000:1:76cf:fe80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:11:23 GMT
content-encoding: gzip
last-modified: Fri, 31 Dec 2021 18:11:13 GMT
server: Jetty(9.3.29.v20201019)
age: 3051
x-cache: Hit from cloudfront
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
via: 1.1 b44e2902bb3501d47514e51618f1bda5.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
content-length: 6162
x-amz-cf-id: 9IiTtjph5z1bL8DMHjxHYsQzOD62fU1qQEcLRIp_ajn2qWmabJ5vuw==
expires: Fri, 31 Dec 2021 19:11:23 GMT

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 5 KB
2 KB 46ms
10ms Script
application/x-javascript 2a02:26f0:6c00::210:ba0a
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00::210:ba0a Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 Sep 2021 19:17:49 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=63571
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2036

GET
H2 200 core.js Show response
s.pinimg.com/ct/ 1 KB
832 B 195ms
118ms Script
application/javascript 2a02:26f0:fb:5aa::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5aa::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "95580b4fad0d5513b92f05a5be0d5a38"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=7200
x-fallback: 6ad2077f-95.100.153.87
accept-ranges: bytes
content-length: 583
access-control-expose-headers: X-CDN

GET
H2 200 /
insight.adsrvr.org/track/pxl/ 70 B
261 B 109ms
33ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=uty2c6m&ct=0:jycg3un&fmt=3&gtmcb=388351624
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1 200
OK 1706
bttrack.com/Pixel/Retarget/ 35 B
380 B 426ms
98ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/Pixel/Retarget/1706
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:14 GMT
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: image/gif
Content-Length: 35
Expires: -1

GET
H3 200 activityi;register_conversion=1;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A%2F%2Fwww.turni...
10448040.fls.doubleclick.net/ 0
0 49ms
49ms Image
text/html 142.250.184.198
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://10448040.fls.doubleclick.net/activityi;register_conversion=1;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962?
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.198 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H2 204 a9cff35cf32e9a03
pixel.sitescout.com/iap/ 0
191 B 30ms
30ms Image
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/iap/a9cff35cf32e9a03
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:13 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 6BC0 232 B
448 B 136ms
111ms Fetch
application/json 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=cf4e75d411190766384002b7abad5d62843621a7

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.21f942bb866c2823339b839747a0c50c.html?origin=https%3A%2F%2Fwww.turningstone.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-response-time: 104
date: Fri, 31 Dec 2021 19:02:13 GMT
content-encoding: gzip
last-modified: Fri, 31 Dec 2021 19:02:14 GMT
server: tsa_o
vary: Origin
strict-transport-security: max-age=631138519
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
x-connection-hash: 44d98eb7ff4a5ba02238b60cd0e5956946a73240a67b352b7227227573e593c3
content-length: 166

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365;~oref=https:/... Frame 016B 502 B
454 B 164ms
75ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365;~oref=https://www.turningstone.com/

Requested by

Host: 2196496.fls.doubleclick.net
URL: https://2196496.fls.doubleclick.net/activityi;dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19ff59cbdea49a4c65bffc1941cbc09f722f22ba3cf4f5eb6251b12da738b977

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://2196496.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 384
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adservice.google.com/ddm/fls/i/dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257;~oref=http... Frame CA81 505 B
859 B 161ms
74ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257;~oref=https://www.turningstone.com/

Requested by

Host: 8121658.fls.doubleclick.net
URL: https://8121658.fls.doubleclick.net/activityi;dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d61baec4a76d813da87f47377c099bc22309b603aa69b6b073cae82788001680

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://8121658.fls.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:14 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 390
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/876061015/ 3 KB
1 KB 170ms
169ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/876061015/?random=1640977334013&cv=9&fst=1640977334013&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&tiba=Slots%20%7C%20Turning%20Stone%20Resort%20Casino&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db2c2bb3b1554ecfddf3479638f1ab0d7eead5382ac42018134a6066b5cac931

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1134
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 352344789260812 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 83ms
74ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/352344789260812?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27aa681085171339837313897510c85f7d2fde3f019decb0e852ee980f3eb8af

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: WgfdUgOQYcMcEYVcW6za5H/d9AAtO7KGXVB8mR6e0fz6Lo1Y49h9dfvHwSR7lR+SHn21suAl4rk1/TWiy5hbDQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 31 Dec 2021 19:02:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 dc_pre=CMyVzPjcjvUCFc04Gwod3okHzw;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.turningstone.com%2Fgami...
adservice.google.com/ddm/fls/z/ Frame 92B3 42 B
118 B 120ms
77ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CMyVzPjcjvUCFc04Gwod3okHzw;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=*;ps=1;~oref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962

Requested by

Host: 10448040.fls.doubleclick.net
URL: https://10448040.fls.doubleclick.net/activityi;dc_pre=CMyVzPjcjvUCFc04Gwod3okHzw;src=10448040;type=tsrcg0;cat=turni0;ord=G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX;gtm=2wgc10;auiddc=1052810229.1640977334;ps=1;~oref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://10448040.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 js Show response
www.google-analytics.com/gtm/ 89 KB
35 KB 118ms
68ms Script
application/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/gtm/js?id=OPT-PGFB3T6&t=gtm6&cid=1832163018.1640977334

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a57847fe8d64431a3dc934c30937bf91801e535b39c979b0e3125b35bb1b4a19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36127
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 31 Dec 2021 19:02:14 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 70ms
46ms Ping
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-85B0Q711Z7&gtm=2oec10&_p=7012946&sr=1600x1200&ul=en-us&cid=1832163018.1640977334&_s=1&dl=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&dt=Slots%20%7C%20Turning%20Stone%20Resort%20Casino&sid=1640977333&sct=1&seg=0&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-85B0Q711Z7&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.turningstone.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.turningstone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2673738&time=1640977334099&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Bu...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D2673738%26time%3D1640977334099%26url%3Dhttps%253A%252F%252Fwww.turningstone.com%2...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=2673738&time=1640977334099&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Bu...
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2673738&time=1640977334099&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3B...

0
155 B

318ms
113ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2673738&time=1640977334099&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&liSync=true&e_ipv6=AQKRyHh0lDWLUwAAAX4R3wDIq7ZnoJlGwmiY-6FG3VyQi1X4Odd7zszlh5jkmNS3b6UoXmX_
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: ZyQmFDHsxRZwdvd2oisAAA==

Redirect headers

date: Fri, 31 Dec 2021 19:02:14 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: D897F1BE075B4BD5B75C386F5B56B0DD Ref B: FRAEDGE1413 Ref C: 2021-12-31T19:02:14Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=2673738&time=1640977334099&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&liSync=true&e_ipv6=AQKRyHh0lDWLUwAAAX4R3wDIq7ZnoJlGwmiY-6FG3VyQi1X4Odd7zszlh5jkmNS3b6UoXmX_
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXUdc8a45lYMh/vOVs2nw==

GET
H/1.1 200
OK ca.html Show response
20828751p.rfihub.com/ Frame 8A62 3 KB
4 KB 834ms
161ms Document
text/html 198.8.71.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20828751p.rfihub.com/ca.html?ver=9&rb=41331&ca=20828751&_o=41331&_t=20828751&pe=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&pf=&ra=5968782398571915
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 198.8.71.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: af99192320b4851c048a7b0b99600213b5d9cc9cf1fd0988de71d49c9676d189

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 2977
Server: Jetty(9.3.29.v20201019)

GET
H2

200

OneTagDefaultConfig.json Show response
secure-ds.serving-sys.com/BurstingCachedScripts/
Redirect Chain

https://secure-ds.serving-sys.com/adServingData/PROD/TMClient/3/10343
https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json

11 B
186 B

6ms
6ms

XHR
application/json

23.213.161.73
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Server: 23.213.161.73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-213-161-73.deploy.static.akamaitechnologies.com
Software: / ARR/2.5
Resource Hash: 9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
last-modified: Tue, 19 Dec 2017 08:44:56 GMT
server
x-powered-by: ARR/2.5
etag: "5a9573a5a578d31:0"
content-type: application/json
access-control-allow-origin: *
accept-ranges: bytes
content-length: 11
expires: Mon, 31 Dec 2035 00:00:00 GMT

Redirect headers

location: https://secure-ds.serving-sys.com/BurstingCachedScripts/OneTagDefaultConfig.json
date: Fri, 31 Dec 2021 19:02:14 GMT
server: AkamaiGHost
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0

GET
H/1.1 200
OK js Show response
bttrack.com/engagement/ 10 KB
4 KB 355ms
96ms Script
text/javascript 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/js?goalId=15447&cb=1640977334119
Requested by: Host: cdn.bttrack.com
URL: https://cdn.bttrack.com/js/15447/analytics/1.0/analytics.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 82532eb507339f95a40d342218fde8201db6f972ef9ddd2ba53bb05fa64782c4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:14 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control: private,no-cache
Content-Type: text/javascript; charset=utf-8
Content-Length: 3517
Expires: -1

GET
H2 204 asyncPixelSync
pixel.sitescout.com/dmp/ Frame 0A8B 0
0 23ms
17ms Document
text/plain 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.sitescout.com/dmp/asyncPixelSync
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/

Response headers

cache-control: max-age=0,no-cache,no-store
pragma: no-cache
expires: Tue, 11 Oct 1977 12:34:56 GMT
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
date: Fri, 31 Dec 2021 19:02:13 GMT
server: AC1.1

GET
H2 200 7f309b2f711eb2ee
pixel.sitescout.com/up/ 43 B
267 B 406ms
401ms Image
image/gif 66.155.71.149
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sitescout.com/up/7f309b2f711eb2ee?cntr_url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
cache-control: max-age=0,no-cache,no-store
content-type: image/gif
content-length: 43
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3 200 1587717871528493 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 75ms
74ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1587717871528493?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2858ddae02d2f1f5ecb46d82e97f1e702556f132a398fd4a75dfb482136ad7a6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: kS/QLh/BvYxZnAMOOAuvJP0uMR3sKs4OY5qmf4HMNAjcheOtZjzTmhWSX2HebodQNbnx8SC1Kd5j3wjGRZbMKw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 31 Dec 2021 19:02:14 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=352344789260812&ev=PageView&dl=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&rl=&if=false&ts=1640977334159&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640977334158.1645187108&it=1640977334042&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 31 Dec 2021 19:02:14 GMT

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257;~oref=https... Frame C961 194 B
242 B 171ms
75ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257;~oref=https://www.turningstone.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJeFwvjcjvUCFTlEHQkd1FUF1A;src=8121658;type=invmedia;cat=dbm_t00;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=5161577428578.257;~oref=https://www.turningstone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:14 GMT
expires: Fri, 31 Dec 2021 19:02:14 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

GET
H2 200 / Show response
adservice.google.de/ddm/fls/i/dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365;~oref=https://... Frame 6279 194 B
870 B 169ms
75ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365;~oref=https://www.turningstone.com/

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CJPywfjcjvUCFexEHQkddeEHUg;src=2196496;type=gamin0;cat=gamin0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=7431486556687.365;~oref=https://www.turningstone.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://adservice.google.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 31 Dec 2021 19:02:14 GMT
expires: Fri, 31 Dec 2021 19:02:14 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 177
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 47ms
47ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=7012946&t=pageview&_s=1&dl=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&ul=en-us&de=windows-1252&dt=Slots%20%7C%20Turning%20Stone%20Resort%20Casino&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDACEADRAAAAC~&jid=623643111&gjid=580293952&cid=1832163018.1640977334&tid=UA-1462378-1&_gid=1149229461.1640977334&_r=1&gtm=2wgc10TP825TH&z=1688824404

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.turningstone.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.turningstone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1587717871528493&ev=PageView&dl=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&rl=&if=false&ts=1640977334273&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640977334158.1645187108&it=1640977334042&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 31 Dec 2021 19:02:14 GMT

GET
H2 200 main.6ae4a9fc.js Show response
s.pinimg.com/ct/lib/ 54 KB
19 KB 107ms
107ms Script
application/javascript 2a02:26f0:fb:5aa::1931
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js
Requested by: Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:fb:5aa::1931 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 81a17750660243d87d63fcdfb704e2a0d6bb71cf48470aad3743024cc040e46e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-encoding: gzip
x-cdn: akamai
etag: "9850391ff02e4a98b00efa3acfbbbb10"
vary: Accept-Encoding, Origin
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=1209600
x-fallback: 6ad20952-95.100.153.87
accept-ranges: bytes
content-length: 18814
access-control-expose-headers: X-CDN

GET
H3 200 /
www.google.com/pagead/1p-user-list/876061015/ 42 B
64 B 49ms
48ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/876061015/?random=1640977334013&cv=9&fst=1640977200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&tiba=Slots%20%7C%20Turning%20Stone%20Resort%20Casino&async=1&fmt=3&is_vtc=1&random=4250136886&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/876061015/ 42 B
548 B 126ms
50ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/876061015/?random=1640977334013&cv=9&fst=1640977200000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&tiba=Slots%20%7C%20Turning%20Stone%20Resort%20Casino&async=1&fmt=3&is_vtc=1&random=4250136886&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Serving Show response
bs.serving-sys.com/ 0
105 B 79ms
10ms Script
text/plain 18.198.146.150
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bs.serving-sys.com/Serving?cn=ot&onetagid=10343&dispType=js&sync=0&sessionid=3830632422942864422&pageurl=$$https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962$$&activityValues=$$Session%3DG0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX$$&ns=0&rnd=055946164442886026
Requested by: Host: secure-ds.serving-sys.com
URL: https://secure-ds.serving-sys.com/SemiCachedScripts/ebOneTag.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.146.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-146-150.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 57ms
19ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1462378-1&cid=1832163018.1640977334&jid=623643111&gjid=580293952&_gid=1149229461.1640977334&_u=aGDACEACRAAAAC~&z=2125719281

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.turningstone.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 31 Dec 2021 19:02:14 GMT
content-type: text/plain
access-control-allow-origin: https://www.turningstone.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 50ms
49ms Image
image/gif 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1462378-1&cid=1832163018.1640977334&jid=623643111&_u=aGDACEACRAAAAC~&z=937869783

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 60ms
60ms Image
image/gif 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1462378-1&cid=1832163018.1640977334&jid=623643111&_u=aGDACEACRAAAAC~&z=937869783

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
ct.pinterest.com/user/ 520 B
862 B 181ms
118ms XHR
application/json 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/user/?tid=2613765362638&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&cb=1640977334415

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

cd80ae8e3e2bda63c74d0584cc96aa28d5a54b7a7384ff046ed4082c3d642f6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
content-encoding: gzip
vary: Accept-Encoding
x-cdn: akamai
akamai-grn: 0.6599645f.1640977334.14eeceb6
x-envoy-upstream-service-time: 2
x-pinterest-rid: 8564046983799903
pin-unauth: dWlkPVpXSXhOVEJpTWpZdE9HRmxaQzAwTWpBMUxUazJPV1F0TjJSak56VTFNR1k0TWprNQ
access-control-allow-origin: https://www.turningstone.com
referrer-policy: origin
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: application/json; charset=utf-8
pragma: no-cache
access-control-expose-headers: Epik,Pin-Unauth
cache-control: no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials: true
content-length: 375
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
ct.pinterest.com/v3/ 35 B
333 B 269ms
206ms Image
image/gif 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ct.pinterest.com/v3/?tid=2613765362638&pd=%7B%22em%22%3A%2224aba99b2defbb47ee981b4200313f61f3ae31541d8717bdac1e463c838939b0%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%226ae4a9fc%22%2C%22ecm_enabled%22%3Atrue%7D&cb=1640977334417

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.6599645f.1640977334.14eecfc3
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 2
content-length: 35
x-pinterest-rid: 1220911825809179
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 / Show response
ct.pinterest.com/md/ 0
275 B 143ms
118ms XHR
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://ct.pinterest.com/md/

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer: https://www.turningstone.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
referrer-policy: origin
x-cdn: akamai
akamai-grn: 0.6599645f.1640977334.14eed11e
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
access-control-allow-origin: *
cache-control: no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time: 1
x-pinterest-rid: 1427085127514451
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK event Show response
bttrack.com/engagement/ 0
401 B 373ms
95ms XHR
text/plain 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215447%22%2C%22sessionId%22%3A%2243ac56ee-bbfd-4f8a-b830-b423d6b18b6d%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A1%2C%22url%22%3A%22https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by: Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15447&cb=1640977334119
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track003-dc3
Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:14 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: private,no-cache
Content-Type: text/plain
Content-Length: 0
Expires: -1

GET
H/1.1 200
OK getpixels Show response
bttrack.com/engagement/ 0
400 B 379ms
96ms XHR
text/html 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/getpixels?gid=15447
Requested by: Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15447&cb=1640977334119
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track004-dc3
Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:14 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: private,no-cache
Content-Type: text/html
Content-Length: 0
Expires: -1

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 16ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=352344789260812&ev=Microdata&dl=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&rl=&if=false&ts=1640977334662&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Slots%20%7C%20Turning%20Stone%20Resort%20Casino%22%2C%22meta%3Adescription%22%3A%22Come%20and%20win%20with%20us!%20Turning%20Stone%20has%202%2C000%20slot%20machines%20to%20choose%20from%20across%20our%20award-winning%20casino.%20%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Turning%20Stone%20Resort%20Casino%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1640977334158.1645187108&it=1640977334042&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 31 Dec 2021 19:02:14 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1587717871528493&ev=Microdata&dl=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&rl=&if=false&ts=1640977334775&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Slots%20%7C%20Turning%20Stone%20Resort%20Casino%22%2C%22meta%3Adescription%22%3A%22Come%20and%20win%20with%20us!%20Turning%20Stone%20has%202%2C000%20slot%20machines%20to%20choose%20from%20across%20our%20award-winning%20casino.%20%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22Turning%20Stone%20Resort%20Casino%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1640977334158.1645187108&it=1640977334042&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 31 Dec 2021 19:02:14 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 8A62
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTkxNzc1OTM5MjMyOTA1NTE5NA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGGt13N4fe9w7kLiMQTHTGw&google_cver=1

42 B
1 KB

634ms
161ms

Image
image/gif

198.8.71.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGGt13N4fe9w7kLiMQTHTGw&google_cver=1
Protocol: HTTP/1.1
Server: 198.8.71.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:15 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEGGt13N4fe9w7kLiMQTHTGw&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK setuid
ib.adnxs.com/ Frame 8A62 43 B
1 KB 10ms
9ms Image
image/gif 37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=18&code=1917759392329055194

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:14 GMT
X-Proxy-Origin: 185.213.155.169; 185.213.155.169; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b34f13da-1a23-4865-ab19-d9ef7a875e8d
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 8A62
Redirect Chain

https://stags.bluekai.com/site/4722?id=1917759392329055194&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=lt8%2Bv8kZ99eWxz2C&forward=

42 B
995 B

627ms
154ms

Image
image/gif

198.8.71.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=lt8%2Bv8kZ99eWxz2C&forward=
Protocol: HTTP/1.1
Server: 198.8.71.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:15 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=lt8%2Bv8kZ99eWxz2C&forward=
Date: Fri, 31 Dec 2021 19:02:15 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 8A62 0
239 B 10ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1917759392329055194&
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 611afce88997db6fdd35eb213e662871
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 8A62
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1917759392329055194&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1917759392329055194&redir=

42 B
945 B

33ms
33ms

Image
image/gif

34.248.159.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1917759392329055194&redir=

Protocol

HTTP/1.1

Server

34.248.159.172 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-159-172.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v026-0c3609612.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8+ZQ7H6jTrc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v026-000ed6f63.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 5KTw2mqkR6I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1917759392329055194&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame 8A62
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=1917759392329055194&bid=omt9pi0

0
344 B

41ms
8ms

Image
text/plain

3.127.178.105
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1917759392329055194&bid=omt9pi0
Protocol: HTTP/1.1
Server: 3.127.178.105 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-127-178-105.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:15 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=1917759392329055194&bid=omt9pi0
Date: Fri, 31 Dec 2021 19:02:15 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 cksync.php
contextual.media.net/ Frame 8A62 45 B
614 B 85ms
33ms Image
image/gif 184.87.212.24
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1917759392329055194

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.87.212.24 Milan, Italy, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-87-212-24.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 31 Dec 2021 19:02:15 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 31 Dec 2021 19:02:15 GMT

GET
H2 200 serving
bs.serving-sys.com/ Frame 8A62 0
104 B 10ms
8ms Image
text/plain 18.198.146.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.198.146.150 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-146-150.eu-central-1.compute.amazonaws.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
content-length: 0
p3p: CP="NOI DEVa OUR BUS UNI"

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame 8A62
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1917759392329055194&referrer=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3...
https://p.rfihub.com/cm?pub=39342&in=0&userid=d8b9c1e6-9b45-48e6-9926-1d9ced9addf6%3A1640977335.09&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd8b9c1e6-9b45-48e6-9926-1d9ced9addf6...
https://idsync.rlcdn.com/501709.gif?partner_uid=d8b9c1e6-9b45-48e6-9926-1d9ced9addf6%3A1640977335.09
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESENLkfB5Tcfdh5T3PPC3jPgE&google_cver=1

42 B
299 B

20ms
20ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESENLkfB5Tcfdh5T3PPC3jPgE&google_cver=1
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 19:02:15 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:15 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESENLkfB5Tcfdh5T3PPC3jPgE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame 8A62 43 B
109 B 386ms
147ms Image
image/gif 3.229.229.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1917759392329055194
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.229.229.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-229-229-140.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:15 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 8A62
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759392329055194&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759392329055194&forward=&C=1

43 B
1006 B

15ms
15ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759392329055194&forward=&C=1
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:15 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 31 Dec 2021 19:02:15 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:14 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1917759392329055194&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Fri, 31 Dec 2021 19:02:14 GMT

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame 8A62 42 B
396 B 21ms
20ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1917759392329055194
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 19:02:14 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame 8A62 43 B
191 B 226ms
147ms Image
image/gif 104.111.215.191
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1917759392329055194

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-215-191.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:15 GMT
cache-control: max-age=0, no-cache, no-store
expires: Fri, 31 Dec 2021 19:02:15 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1 200 partner
sync.search.spotxchange.com/ Frame 8A62 43 B
548 B 16ms
15ms Image
image/gif 185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1917759392329055194&img=1
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 24
Connection: keep-alive
Content-Length: 43

GET
H2 200 sync
partners.tremorhub.com/ Frame 8A62 43 B
182 B 104ms
97ms Image
image/gif 2600:1f18:612b:4200:ee57:5bc8:4ac0:7a5
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1917759392329055194&r=PbZGFZLiiZbp
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4200:ee57:5bc8:4ac0:7a5 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:15 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame 8A62 43 B
237 B 19ms
19ms Image
image/gif 18.170.15.31
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1917759392329055194
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.170.15.31 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-170-15-31.eu-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:14 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 8A62 0
338 B 219ms
27ms Image
text/plain 34.249.77.25
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1917759392329055194
Requested by: Host: www.turningstone.com
URL: https://www.turningstone.com/gaming/slots?amp;utm_source=ADOBE&utm_medium=email&utm_campaign=ON_GM_RESORT_EM_RESWKLY_2112XXW&utm_profileid=5af2da77-82fb-423c-9744-8bf022b23962
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.77.25 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-77-25.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 19:02:15 GMT
cache-control: private, no-cache, no-store
x-request-time: D=54 t=1640977335
x-served-by: beacon-n021-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

sync
x.bidswitch.net/ul_cb/ Frame 8A62
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1917759392329055194&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1917759392329055194&expires=30

43 B
495 B

8ms
8ms

Image
image/gif

18.198.121.250
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1917759392329055194&expires=30
Protocol: HTTP/1.1
Server: 18.198.121.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-198-121-250.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1917759392329055194&expires=30
Date: Fri, 31 Dec 2021 19:02:15 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame 8A62
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=Yc9TtwACEHPvFwBK
https://p.rfihub.com/cm?in=1&pub=21653&userid=Yc9TtwACEHPvFwBK&_test=Yc9TtwACEHPvFwBK

42 B
1 KB

547ms
158ms

Image
image/gif

198.8.71.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=Yc9TtwACEHPvFwBK&_test=Yc9TtwACEHPvFwBK
Protocol: HTTP/1.1
Server: 198.8.71.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://20828751p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date: Fri, 31 Dec 2021 19:02:15 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 19:02:15 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1640977335.272521,VS0,VE0
x-served-by: cache-hhn4080-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=Yc9TtwACEHPvFwBK&_test=Yc9TtwACEHPvFwBK
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

ct.html Show response
www.pinterest.de/ Frame 937F
Redirect Chain

https://www.pinterest.com/ct.html
https://www.pinterest.de/ct.html

413 B
4 KB

262ms
253ms

Document
text/html

2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/ct.html

Requested by

Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.6ae4a9fc.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e4344d6d4e57a9b8639b01ddb8333e5f57cd5240d806fb7febcaa81f2bb282b3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-3259774e6c02d124af6a3843683f529f' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1688447705517008; frame-ancestors *
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/

Response headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
p3p: CP="This is not a P3P policy. See https://www.pinterest.com/_/_/help/articles/pinterest-and-p3p for more info."
content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-3259774e6c02d124af6a3843683f529f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1688447705517008; frame-ancestors *
content-security-policy-report-only: script-src 'nonce-3259774e6c02d124af6a3843683f529f' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-frame-options: SAMEORIGIN
content-type: text/html; charset=utf-8
link: <https://i.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://s.pinimg.com>; rel=preconnect; crossorigin=anonymous, <https://v.pinimg.com>; rel=preconnect; crossorigin=anonymous
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 128
pinterest-generated-by: coreapp-webapp-prod-0a03ef59
content-encoding: gzip
pinterest-version: f2bf91b
referrer-policy: origin
x-pinterest-rid: 1688447705517008
date: Fri, 31 Dec 2021 19:02:15 GMT
akamai-grn: 0.6599645f.1640977335.14eedab1
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

Redirect headers

x-xss-protection: 1; mode=block
x-content-type-options: nosniff
vary: User-Agent, Accept-Encoding
x-ua-compatible: IE=edge
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
location: https://www.pinterest.de/ct.html
trailer: x-pinterest-sli-streamed-response-type
x-envoy-upstream-service-time: 84
pinterest-generated-by: coreapp-webapp-prod-0a03c0dd
content-encoding: gzip
pinterest-version: f2bf91b
referrer-policy: origin
x-pinterest-rid: 1059057197867280
date: Fri, 31 Dec 2021 19:02:15 GMT
akamai-grn: 0.6599645f.1640977334.14eed6e7
x-cdn: akamai
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload

GET
H2 200 up Show response
insight.adsrvr.org/track/ Frame 38BB 0
181 B 32ms
32ms Document
text/html 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://insight.adsrvr.org/track/up?adv=ouju4wr&ref=https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962&upid=lyhltmw&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/

Response headers

date: Fri, 31 Dec 2021 19:02:14 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 937F 0
4 KB 138ms
138ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?rid=1688447705517008

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-a04e3603c821d8642c8d17d11403a043' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7261822013681322; frame-ancestors 'self' , script-src 'nonce-a04e3603c821d8642c8d17d11403a043' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7261822013681322
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-a04e3603c821d8642c8d17d11403a043' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=7261822013681322; frame-ancestors 'self' , script-src 'nonce-a04e3603c821d8642c8d17d11403a043' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=7261822013681322
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.6599645f.1640977335.14eede9f
content-security-policy-report-only: script-src 'nonce-a04e3603c821d8642c8d17d11403a043' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 40
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 7261822013681322
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: f2bf91b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 31 Dec 2021 19:02:15 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03c7ec

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 937F 0
4 KB 181ms
181ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-75f434ddf8532e997d28667ad4e071e1' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3942597653717239; frame-ancestors 'self' , script-src 'nonce-75f434ddf8532e997d28667ad4e071e1' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=3942597653717239
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-75f434ddf8532e997d28667ad4e071e1' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=3942597653717239; frame-ancestors 'self' , script-src 'nonce-75f434ddf8532e997d28667ad4e071e1' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=3942597653717239
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.6599645f.1640977335.14eedea3
content-security-policy-report-only: script-src 'nonce-75f434ddf8532e997d28667ad4e071e1' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 72
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 3942597653717239
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: f2bf91b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 31 Dec 2021 19:02:15 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03ed35

POST
H2 204 /
www.pinterest.de/_/_/csp_report/ Frame 937F 0
4 KB 183ms
183ms Other
text/plain 2.21.141.169
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pinterest.de/_/_/csp_report/?reportonly

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.21.141.169 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-21-141-169.deploy.static.akamaitechnologies.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' blob: data: .pinimg.com .pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net .adyen.com .adyenpayments.com; img-src * data: blob:; script-src 'nonce-fdefd28d5d9a8f33841d8cdad8150811' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' .pinimg.com .pinterest.com accounts.google.com .facebook.com .dropboxapi.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com .cedexis.com .cedexis-radar.net blob: .tvpixel.com api.pinadmin.com .live-video.net; media-src 'self' .pinimg.com blob: data: .live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' .google.com .pinimg.com .pinterest.com .pinterdev.com .facebook.com content.googleapis.com .adyen.com .youtube.com .ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net .fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1500841351799170; frame-ancestors 'self' , script-src 'nonce-fdefd28d5d9a8f33841d8cdad8150811' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1500841351799170
Strict-Transport-Security	max-age=31536000 ; includeSubDomains ; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pinterest.de/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: application/csp-report

Response headers

content-security-policy: default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net *.adyen.com *.adyenpayments.com; img-src * data: blob:; script-src 'nonce-fdefd28d5d9a8f33841d8cdad8150811' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; connect-src 'self' *.pinimg.com *.pinterest.com accounts.google.com *.facebook.com *.dropboxapi.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org pinterest-aberdeen.s3.amazonaws.com pinterest-aberdeen.s3.us-east-1.amazonaws.com pinterest-anaheim.s3.amazonaws.com pinterest-anaheim.s3.us-east-1.amazonaws.com pinterest-media-upload.s3.amazonaws.com pinterest-media-upload.s3.us-east-1.amazonaws.com pinterest-media-upload.s3-accelerate.amazonaws.com pinterest-media-upload.s3-accelerate.us-east-1.amazonaws.com pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-poughkeepsie.s3.amazonaws.com pinterest-poughkeepsie.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinterest-plymouth.s3.amazonaws.com pinterest-plymouth.s3.us-east-1.amazonaws.com *.cedexis.com *.cedexis-radar.net blob: *.tvpixel.com api.pinadmin.com *.live-video.net; media-src 'self' *.pinimg.com blob: data: *.live-video.net; object-src 'self'; form-action 'self'; frame-src 'self' *.google.com *.pinimg.com *.pinterest.com *.pinterdev.com *.facebook.com content.googleapis.com *.adyen.com *.youtube.com *.ytimg.com player.vimeo.com calendly.com vine.co bid.g.doubleclick.net *.fls.doubleclick.net pinterest-milwaukee.s3.amazonaws.com pinterest-milwaukee.s3.us-east-1.amazonaws.com pinterest-waterloo.s3.amazonaws.com pinterest-waterloo.s3.us-east-1.amazonaws.com pinlogs.s3.amazonaws.com pinlogs.s3.us-east-1.amazonaws.com pinterest-hilo.s3.us-east-1.amazonaws.com pinterest-hilo.s3.amazonaws.com advertising-delivery-metric-reports.s3.amazonaws.com advertising-delivery-metric-reports.s3.us-east-1.amazonaws.com servedby.flashtalking.com pinterest-uk.admo.tv pinterest-uk-web.admo.tv fbrpc://call www.recaptcha.net www-pinterest-de.cdn.ampproject.org; worker-src 'self' blob: https://www-pinterest-com.cdn.ampproject.org 'unsafe-inline'; base-uri 'none'; report-uri /_/_/csp_report/?rid=1500841351799170; frame-ancestors 'self' , script-src 'nonce-fdefd28d5d9a8f33841d8cdad8150811' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline' blob:; report-uri /_/_/csp_report/?rid=1500841351799170
x-content-type-options: nosniff
x-cdn: akamai
akamai-grn: 0.6599645f.1640977335.14eedeaa
content-security-policy-report-only: script-src 'nonce-fdefd28d5d9a8f33841d8cdad8150811' 'strict-dynamic' 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; report-uri /_/_/csp_report/?reportonly , script-src 'report-sample' 'self' *.pinterest.com *.pinimg.com *.google.com connect.facebook.net *.google-analytics.com *.facebook.com *.googleadservices.com *.doubleclick.net *.googletagmanager.com *.adyen.com *.adyenpayments.com cdn.ampproject.org *.cdn.ampproject.org radar.cedexis.com *.cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'; default-src 'self' 'unsafe-inline' blob: data: *.pinimg.com *.pinterest.com accounts.google.com fonts.gstatic.com fonts.googleapis.com use.typekit.net; frame-src *; img-src * data: blob:; connect-src *; worker-src * blob:; report-uri /_/_/csp_report/?reportonly
x-envoy-upstream-service-time: 75
vary: User-Agent, Accept-Encoding
x-pinterest-rid: 1500841351799170
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
pinterest-version: f2bf91b
referrer-policy: origin
x-frame-options: SAMEORIGIN
date: Fri, 31 Dec 2021 19:02:15 GMT
expect-ct: max-age=86400, report-uri="https://www.pinterest.com/_/_/expect_ct_report/"
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
pinterest-generated-by: coreapp-webapp-prod-0a03fea4

GET
H3 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/ 77 KB
28 KB 88ms
41ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCrqv-RXGLY0dD0fOAp6izluiITBFiZC6Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53151b27d3fe0aee685683cbe17655b3211283291e189219412694165053950e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 08:34:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37663
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28790
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:54:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 08:34:35 GMT

GET
H3 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/ 297 KB
91 KB 104ms
58ms Script
text/javascript 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/47/3/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCrqv-RXGLY0dD0fOAp6izluiITBFiZC6Y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

078316556d1ea20ac469d50ac1313f3837b5d00001e6cce069d3fb1a0c5e96c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Sat, 25 Dec 2021 16:07:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 528866
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 92718
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:54:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 25 Dec 2022 16:07:52 GMT

GET
H/1.1 200
OK event Show response
bttrack.com/engagement/ 0
401 B 97ms
96ms XHR
text/plain 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215447%22%2C%22sessionId%22%3A%2243ac56ee-bbfd-4f8a-b830-b423d6b18b6d%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A2%2C%22url%22%3A%22https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by: Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15447&cb=1640977334119
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track002-dc3
Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:19 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: private,no-cache
Content-Type: text/plain
Content-Length: 0
Expires: -1

GET
H/1.1 200
OK event Show response
bttrack.com/engagement/ 0
401 B 97ms
97ms XHR
text/plain 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to

Full URL: https://bttrack.com/engagement/event?input=%7B%22globalId%22%3A%2200000000-0000-0000-0000-000000000042%22%2C%22creativeId%22%3A%22%22%2C%22placementId%22%3A%22%22%2C%22goalId%22%3A%2215447%22%2C%22sessionId%22%3A%2243ac56ee-bbfd-4f8a-b830-b423d6b18b6d%22%2C%22parentPublisherId%22%3A%22%22%2C%22publisherId%22%3A%22%22%2C%22siteId%22%3A%22%22%2C%22commonId%22%3A%22%22%2C%22heartbeat%22%3A3%2C%22url%22%3A%22https%3A%2F%2Fwww.turningstone.com%2Fgaming%2Fslots%3Famp%3Butm_source%3DADOBE%26amp%3Butm_medium%3Demail%26amp%3Butm_campaign%3DON_GM_RESORT_EM_RESWKLY_2112XXW%26amp%3Butm_profileid%3D5af2da77-82fb-423c-9744-8bf022b23962%22%2C%22fingerprint%22%3A%22%22%2C%22fingerprintProvider%22%3A%22%22%7D
Requested by: Host: bttrack.com
URL: https://bttrack.com/engagement/js?goalId=15447&cb=1640977334119
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.turningstone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

X-ServerName: Track001-dc3
Pragma: no-cache
Date: Fri, 31 Dec 2021 19:02:24 GMT
Content-Encoding: gzip
X-AspNetMvc-Version: 5.2
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
P3P: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Access-Control-Allow-Origin: *
Cache-Control: private,no-cache
Content-Type: text/plain
Content-Length: 0
Expires: -1

Verdicts & Comments Add Verdict or Comment

119 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

70 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.on-enterprises.com/	1970-01-20 17:20:49	Name: AMCV_0D5076895EC253C40A495F8A%40AdobeOrg Value: MCMID%7C29345874635632148471936266364792602623
.on-enterprises.com/	1969-12-31 23:59:59	Name: nlid Value: 1507691\|1c2d9cc
www.turningstone.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: lgcs2kgnebitcqong60bdsmbo7
.adnxs.com/	1970-01-20 01:59:13	Name: uuid2 Value: 833542628342827825
.simpli.fi/	1970-01-20 08:36:39	Name: suid Value: EA2A50662D6D4C65A3EC3481C84879BD
www.turningstone.com/	1970-01-19 23:50:20	Name: isshowModal Value: 1
.simpli.fi/	1970-01-19 23:59:42	Name: uid_syncd_secure Value: true
.crwdcntrl.net/	1970-01-20 06:18:25	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 06:18:25	Name: _cc_id Value: 80fe945f573b64ec5f4ce7af5a500365
.crwdcntrl.net/	1970-01-20 06:18:25	Name: _cc_cc Value: "ACZ4XmNQsDBIS7U0MU0zNTdOMjNJTTZNM0lONU9MM000NTAwNjNlAILE88FbQTQUAABfEAsl"
.crwdcntrl.net/	1970-01-20 06:18:25	Name: _cc_aud Value: "ABR4XmNgYGBIPB%2B8FUhBAQAbjgI5"
.3lift.com/	1970-01-20 01:59:13	Name: tluid Value: 12324132294808382372
.turningstone.com/	1970-01-20 01:59:13	Name: _gcl_au Value: 1.1.1052810229.1640977334
www.turningstone.com/	1969-12-31 23:59:59	Name: ruckus_sid Value: G0foLdRZcXIB6JVmXTkFTKo4Rvf8SWfwtcLn3KQEmtel7Es8qX
.tapad.com/	1970-01-20 01:16:01	Name: TapAd_TS Value: 1640977333931
.tapad.com/	1970-01-20 01:16:01	Name: TapAd_DID Value: babc8501-4df9-4a3a-8467-99fef022e2e3
.agkn.com/	1970-01-20 08:35:13	Name: ab Value: 0001%3AujLy%2BSfK6OM1CMQ2s1Y7LCzjOOKYEjQ7
.exelator.com/	1970-01-20 02:42:25	Name: EE Value: "8d1eb257a57a7148be6b6a3be519ba7a"
.tapad.com/	1970-01-20 01:16:01	Name: TapAd_3WAY_SYNCS Value:
.pro-market.net/	1970-01-20 00:32:49	Name: anHistory Value: "1453ovkig2cvk+2+!#7%.&*#gQ."
.exelator.com/	1970-01-20 02:42:25	Name: ud Value: "eJxrXxzq6XKLQcEixTA1ycjUPBGIzA1NLJJSzZLMEo2TUk0NLZMSzRMXl6UWLVhaWpyaknRoSUVOSU7T6rL4UMd4N0dfT5%252FIZc4ZRfm5qSvAQmGuQYsszZbkF2WmL3JxXVyUksawqKT4VPB%252BjvcAmg0qfw%253D%253D"
.turningstone.com/	1970-01-19 23:51:03	Name: _gid Value: GA1.2.1149229461.1640977334
.agkn.com/	1970-01-20 08:35:13	Name: u Value: C\|0AAAAAAAAKWIQNgAAAAAA
.turningstone.com/	1970-01-20 17:20:49	Name: _ga_85B0Q711Z7 Value: GS1.1.1640977333.1.0.1640977333.0
.bluekai.com/	1970-01-20 04:08:49	Name: bkdc Value: phx
.bluekai.com/	1970-01-20 04:08:49	Name: bkpa Value: KJpEnXTLu5DlLgx6BgEwEnaN5EH0BeDy1pB01U1hzERp5EHt5ERtLEO6+MYh1n56zQW9vm6n3Q==
.bluekai.com/	1970-01-20 04:08:49	Name: bku Value: blx99njEpts+4s6g
.spotxchange.com/	1970-01-20 08:35:17	Name: audience Value: 2a598224-6a6c-11ec-a82f-1df4c96b0506
.pro-market.net/	1970-01-20 04:08:49	Name: anProfile Value: "1453ovkig2cvk+1+1f=1+1g=1+1j=41+rs=s+rt=2A031B200006F011000000000000009E+s2=(r4zu7p)+vm=24-EA2A50662D6D4C65A3EC3481C84879BD:53-CAESENf1iqonxQvde_yY7sXuFdU"
.doubleclick.net/	1970-01-20 09:11:13	Name: IDE Value: AHWqTUnwBAiFx_cEWc6RMSLu7y9RTHV2B8va-AEzAGJzyxJIUsg-1EYr-m-L0K41
.turningstone.com/	1970-01-20 01:59:13	Name: _fbp Value: fb.1.1640977334158.1645187108
.linkedin.com/	1970-01-20 00:32:49	Name: UserMatchHistory Value: AQI6KSQrhR-O4gAAAX4R3v-zrg2RBjy3jnxHkWhAXPi2p9ud-QC8IoLBYOYs0a8D5XusoqF9R7a8wg
.linkedin.com/	1970-01-20 00:32:49	Name: AnalyticsSyncHistory Value: AQIDbiPcx-ux8AAAAX4R3v-zgqp0RdxqTqGaQer-gmIsM6kNn8dB7iYtdcuG1TC7Xyfm53_-7-_u8iTpSIo1OQ
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 17:21:31	Name: bcookie Value: "v=2&37f36a9b-600b-4583-8fd3-41612d425715"
.linkedin.com/	1970-01-19 23:51:03	Name: lidc Value: "b=VGST07:s=V:r=V:a=V:p=V:g=2243:u=1:x=1:i=1640977334:t=1641063734:v=2:sig=AQEaVFKoMIZ8ur7cT-zRRdP09V34a-Rm"
.turningstone.com/	1970-01-20 17:20:49	Name: _ga Value: GA1.2.1832163018.1640977334
.turningstone.com/	1970-01-19 23:49:37	Name: _gat_UA-1462378-1 Value: 1
.bfmio.com/	1970-01-20 08:35:13	Name: __141_cid Value: EA2A50662D6D4C65A3EC3481C84879BD
.bfmio.com/	1970-01-20 08:35:13	Name: __io_cid Value: 247554a385c5bb240a9569cb06e40182722a0f39
.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=de-de
.www.linkedin.com/	1970-01-20 17:21:31	Name: bscookie Value: "v=1&202112311902142fcef148-9941-4167-8226-a16667def209AQHhYUCFuUcgiz1mCiPthbBKzBHjTuyK"
.linkedin.com/	1970-01-20 17:01:16	Name: li_gc Value: MTswOzE2NDA5NzczMzQ7MjswMjF/xZHKK+2sDscXEeg7hf0j7HhYluSNE4ptdqi81sN25Q==
.turningstone.com/	1970-01-20 08:35:13	Name: _pin_unauth Value: dWlkPVpXSXhOVEJpTWpZdE9HRmxaQzAwTWpBMUxUazJPV1F0TjJSak56VTFNR1k0TWprNQ
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQ0NDc3tTS2NDI2sjQwNTW0NBHiM9QtLi0oCUw09In0MtYFAL5roY4lAAAA
.rfihub.com/	1970-01-20 09:11:13	Name: rud Value: H4sIAAAAAAAAAOMSNrQ0NDc3tTS2NDI2sjQwNTW0NBHiM9QtLi0oCUw09In0MtaV4jU0MzGwNDc3NjaxMDUGAFUC3DU0AAAA
.adnxs.com/	1970-01-20 01:59:13	Name: anj Value: dTM7k!M4.gD>6NRF']wIg2In<ltnd$!]tb`8i_jC:lq+Z:3[VYUQARN]QulQobO`_cMjk_+g7=Q4v^3OtQtZ6CmUk(d<YkLd@<)OO0lED`D(2MkyP=jHBZRNwnN'<=N-2TUEZ9)QP.9sk@3@'s>TnJo7a
.casalemedia.com/	1970-01-20 08:35:13	Name: CMID Value: Yc9TthKnxZnZ-Z7Xsc9eZAAA
.casalemedia.com/	1970-01-20 01:59:13	Name: CMPS Value: 3274
.casalemedia.com/	1970-01-20 01:59:13	Name: CMPRO Value: 1150
.casalemedia.com/	1970-01-19 23:51:03	Name: CMST Value: Yc9Tt2HPU7cA
.casalemedia.com/	1970-01-20 08:35:13	Name: CMRUM3 Value: 3961cf53b727601917759392329055194
.media.net/	1970-01-20 08:35:13	Name: visitor-id Value: 2839789358397744000V10
.media.net/	1970-01-20 08:33:46	Name: data-rk Value: 1917759392329055194~~3
.rezync.com/	1970-01-20 04:08:20	Name: zync-uuid Value: d8b9c1e6-9b45-48e6-9926-1d9ced9addf6:1640977335.09
live.rezync.com/	1970-01-20 04:08:49	Name: sd-session-id Value: .eJwVysEKgjAYAOBXif_sYc6GTOgQWBI0R6SNeRGzQXNp4SbExHfPjh98M9QfNfbNoAYHiRsnFUD70qssJDNY7XtlIIGQhnFMaERxhCkiJKRbWAKwylr9Hmr9-O_NfZ1V-tRcsG9VSMfFCeVXhHhW4nNhCOukY-JCJL4ZLo6myiTm3QHn6Z7kvvXMlxNLzQ6W5QeQ8jBA.FLDlNw.Jj0XCK7oCxYCJMFhr82Qlq2fXHo
.bidswitch.net/	1970-01-20 08:35:13	Name: tuuid Value: 6aecf58f-cc56-4b79-999a-28b0de402b84
.bidswitch.net/	1970-01-20 08:35:13	Name: c Value: 1640977335
.bidswitch.net/	1970-01-20 08:35:13	Name: tuuid_lu Value: 1640977335
.krxd.net/	1970-01-20 04:08:49	Name: _kuid_ Value: OkvqoyTi
.demdex.net/	1970-01-20 04:08:49	Name: demdex Value: 55931547689278032093371730489869840319
.dpm.demdex.net/	1970-01-20 04:08:49	Name: dpm Value: 55931547689278032093371730489869840319
.everesttech.net/	1970-01-20 08:35:13	Name: everest_g_v2 Value: g_surferid~Yc9TtwACEHPvFwBK
www.pinterest.de/	1970-01-20 08:28:01	Name: _pinterest_sess Value: TWc9PSZMWnFyOFRmek5DZ1dnc3BGU2ZWbGFQMTlTTlVBaFZsdEN2Qkltc0VIZnVoUVUzZml0djBCVjlRazNpS2pucTVhbVdhUDhNQUpFbzU5a1NJWjNzcitsQWdDcDRTTUs0WlM5d1dJcTBMNDVNK3F2ZENtdGdMWjhiOHhObXcwK3ZicyZFMFpVeWQrbFQzRnlxc1pKaVdTNjNjR2dEKzQ9
.eyeota.net/	1970-01-19 23:49:37	Name: SERVERID Value: 24462~DM
.rlcdn.com/	1970-01-20 08:35:13	Name: rlas3 Value: ympuqhsatsBGkf09gP+MLHPBIrwAfNKWDcUA+5gQcXY=
.rlcdn.com/	1970-01-20 01:16:01	Name: pxrc Value: CLenvY4GEgYIuuoBEAA=
.rfihub.com/	1970-01-20 09:11:13	Name: eud Value: H4sIAAAAAAAAAJvFyGtoZmJgaW5ubGxiYWq-Co1_Co3_Co3_C40_iQmVPwuNvwiNvwqNvwmNvwtdPQsq_xYafxGrQGSyZUhJuaOzq0dAmVu5k_cqVoQSU3MTw02saFZwo3kJjb9IGJX_CI0PACyix-9DAQAA
.rfihub.com/	1970-01-20 09:11:13	Name: smd Value: H4sIAAAAAAAAADPiNTQzMbA0Nzc2NjU3MQIAgSeuRA8AAAA
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAFvFKBCZbBlSUu7o7OoRUOZW7uQNAPPUbq8TAAAA

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=EA2A50662D6D4C65A3EC3481C84879BD Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=EA2A50662D6D4C65A3EC3481C84879BD Message: Failed to load resource: the server responded with a status of 451 ()
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'nonce-3259774e6c02d124af6a3843683f529f' 'strict-dynamic' 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'report-sample' 'self' .pinterest.com .pinimg.com .google.com connect.facebook.net .google-analytics.com .facebook.com .googleadservices.com .doubleclick.net .googletagmanager.com .adyen.com .adyenpayments.com cdn.ampproject.org .cdn.ampproject.org radar.cedexis.com .cedexis-test.com www.gstatic.com/recaptcha/ www.recaptcha.net 'unsafe-inline'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10448040.fls.doubleclick.net
20828751p.rfihub.com
2196496.fls.doubleclick.net
8121658.fls.doubleclick.net
a.rfihub.com
aa.agkn.com
adservice.google.com
adservice.google.de
analytics.aweber.com
bcp.crwdcntrl.net
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
bttrack.com
c1.rfihub.net
cdn.bttrack.com
cdn01.basis.net
cdnjs.cloudflare.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
ct.pinterest.com
d.agkn.com
dpm.demdex.net
dsum-sec.casalemedia.com
eb2.3lift.com
fei.pro-market.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
live.rezync.com
loadm.exelator.com
maps.googleapis.com
p.rfihub.com
partners.tremorhub.com
pbid.pro-market.net
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
platform.twitter.com
pro.fontawesome.com
ps.eyeota.net
pubads.g.doubleclick.net
px.ads.linkedin.com
px4.ads.linkedin.com
s.pinimg.com
secure-ds.serving-sys.com
secure.adnxs.com
simplifi.partners.tremorhub.com
snap.licdn.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
syndication.twitter.com
t1.on-enterprises.com
um.simpli.fi
us-u.openx.net
www.bugherd.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.linkedin.com
www.pinterest.com
www.pinterest.de
www.turningstone.com
x.bidswitch.net
x.dlx.addthis.com
104.111.215.191
104.244.42.200
108.174.10.14
13.225.73.121
13.248.245.213
142.250.184.194
142.250.184.198
142.250.185.66
143.204.94.161
143.204.98.33
15.197.193.217
151.101.66.49
169.50.137.176
169.50.137.182
172.217.16.130
178.79.242.181
18.170.15.31
18.198.121.250
18.198.146.150
18.198.69.109
184.87.212.24
185.94.180.126
192.132.33.46
198.8.71.128
2.18.234.21
2.21.141.169
204.194.222.24
216.52.2.39
23.213.161.73
2600:1901:0:8eee::
2600:1f18:612b:4200:ee57:5bc8:4ac0:7a5
2600:9000:2156:5000:1:76cf:fe80:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:135e
2606:4700::6812:1634
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c0c::9c
2a00:1450:4019:805::200a
2a02:26f0:6c00::210:ba0a
2a02:26f0:fb:5aa::1931
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.111.84
3.127.178.105
3.229.229.140
34.248.159.172
34.249.77.25
34.98.64.218
35.227.248.159
35.244.174.68
37.252.172.249
37.252.173.27
52.208.103.128
52.22.84.205
52.37.240.167
52.4.31.208
54.237.133.81
66.155.71.149
69.16.175.10
69.173.144.165
005871e2ceaf4a09cc755c9d93e28a87f3e1df0aeb33069f1da2d5513bfcfcad
017bde2ec4565c43de5d457723329ddfc1509ec1b4a2528280901f1bdba55383
035f76cad89b4436226962589da4573cdba89378ed3ef64029e73035d4e122c5
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
07396aad7ac4fe783410539e617c24c840360243ec39cee54b02f34f6ec3ff76
078316556d1ea20ac469d50ac1313f3837b5d00001e6cce069d3fb1a0c5e96c9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0c2df48b15ce4283326521f6d7e14d9c6f8d8f29cf9adf915518eacf586b5488
0d834516b1858ff8962556029c855d4938f949677db8a9d8835b8c978e016119
100e3c8cce2f464a96eca460fa781859f8134b8b4c1ed2d677cec1f56efc5316
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1651ffc0e8153c8a8f7d9b88db286103ba68aecc8577cb0127839d4577a02752
19ff59cbdea49a4c65bffc1941cbc09f722f22ba3cf4f5eb6251b12da738b977
22935f8bfdb9a99c10b6a8966983c0501d1ce122ff5db52cc80fcc53660230f2
2467642156aaba136509f56fd54df5e1804491f0717e529a24310b4d949f35b7
26266edc6cdfb076d253b155c8829316ab90cf0615a7579287ba40f606a6be7f
2636ea404ac34dcd06c8e94340b120caaa02e9747aa6e474c082459281e9f45a
27aa681085171339837313897510c85f7d2fde3f019decb0e852ee980f3eb8af
27bebe78e3b6a4b1664dd4fa83a8cd0187f051631a06248fefa3ef3991a5a92a
2858ddae02d2f1f5ecb46d82e97f1e702556f132a398fd4a75dfb482136ad7a6
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
2da579fa2daab52cbb0861543097f591233d0713b4bc460e20f2cbcf655a6e76
2dc7d8dd9b8f40e14240fe3fb86c1897a62ad607cbbde678af6dff1980d5a032
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
328dd32ad02a8c9edd0f99a407cbfe22c6c98eadb551c8fbe77ffc084b756c12
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
3637411c1a0c011f40b41ea69b3ef5cd86a1d75a6963b0f694a8d1b39b44e128
37b17c5135a176a9474521af147d96dfa1fb4ca0f43f00d1400bd1885be3ab9b
386339fee19f807acd9125ee5310424eb72d516d12db4f0fb234ce56514b8907
3da13c424db4d8911082f88e9659a5ed15ae29947b3f3b8760cc7a6119e8140e
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f8926aaf27b0ac1f14f2ea91d7d921fc594638c4299c3d075d120de37eca77f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
495730ab6c4cd6fda6b4bceea679627426fbd35c92e8ee4c1df8338cd0f27972
49d4a702eaabf391f61f53307964a6a4236b30b8f4f3cdadaef20f0f82af56dd
4a040ecf49762ec6af1fff03bfcac4ef901659a5141d188d69b80bb2d6ca0a57
4a717dfa2069b9d19dcc70fb89d06dd255fabf6c04dd76bafcf30429e60043b2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f016390d74449ac54c4abb06c1cce327869c12094eefa281a82edd177a10873
4fe365bba5c26b00acdae240655b7642062b1b082c09971a6d0c3f1f8c8108e2
53151b27d3fe0aee685683cbe17655b3211283291e189219412694165053950e
54076f0094f63a378026b6d4680501d20d9ff66f6edf3bcd30f8eaa22a79aca4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55232dd39e62d18f8a17fa1d3d2f48616c0c1a702a053a62e9289bacc00191d6
58996cb25c8f85b6473989315c8be1794c3dd0e152f277c1e807a54b5e2c8d4e
5ba4dd23c9c00cb89b87fa2021fa9ddaec9e2664a409eb469fc164a8ef12f285
5bdf1120c4df8c868092d0bcb7f2540a85456fd94cd1e1a5570c9b63906b1a5b
5c578caeb2fbad8b9590f1bea49b97cbcdd2b06bae2fb57522ebf235c32df505
61c61bdedc23bebdc7e01c284d071bc40d21cd6ad1d3a16a8d0fba600d96b747
67e734d448797831b0927797e9dd77f8fa3abce08ba95baa0cf411b6b53c71ee
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6af7cd3ff7ffbe36b57045563dffcf79630ed00aa9f68b9bf018603c83edf732
72666face3072120d9d8dd56a01cab2bf6e3750a16599153e1d6c8b125fcfc45
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72faf1b7286dd11b38be3621931821c54bb564d5e015198770ea1f4862ef52e2
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
799c11bc88ff18b22afdb85c0b478a7b18f26fb1a546d50127d3b92ff022f0a8
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
7f02555c17ab01620911be6088305c7137bfc6ae29f1d2811ce7beddb8437d5c
81a17750660243d87d63fcdfb704e2a0d6bb71cf48470aad3743024cc040e46e
82532eb507339f95a40d342218fde8201db6f972ef9ddd2ba53bb05fa64782c4
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
839139e1809ceda2eafa979e9b6fa69213e89a5159d7fb0ba13e0721e948455c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
871415d52c0c3e3d4b0cfd806ca6295a5c3daf8164489564cad7bbd2429f1dec
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8a4f8f364f52615da9e852ad434bb366a308d0ceac05cad7e5ffb5c9946588fc
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e66a74935062224e1db11dbd0c39e3d5ea0ee272b2471d8617a49a6c95a20a7
8fb42be2ad06b29952e4cfbc8fa7dd750d279a14da0db7a4c7074d315f43f3c2
909c959034304ea400b41eea4326c355e0e7c4c8cf76369f8430756362d11bef
91a9d7a29fe8f1823c99e7ba6a8e872a0851cb04908948ac07aa576fa1d1b169
936ce48a0474a9b732df095ec42b7adc4cf319bf8524e689a34454c6e9be46b8
97719c71e44494e537beba8d51c6bb268a34dcd867fdefc431229225ca734b46
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a0f6d26b776c4a0c7c1bdb059e4d204e3312ee5eda177cf55a43fcf033e3308
9aafb465a39e5ce9cdea0237c57406e0df413bf382e5064ab689f0ff5fb997a3
9db647cc0699a4c4d65bf404e5c236f62131c59c07f8529a215015ce76a2896f
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a284578ae52bed337852df2eee6e8dd7f41adda59ba3cd33601b4cdf5b438f90
a57847fe8d64431a3dc934c30937bf91801e535b39c979b0e3125b35bb1b4a19
af99192320b4851c048a7b0b99600213b5d9cc9cf1fd0988de71d49c9676d189
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2b50ff69b1550aa06c277b8c94f59c237c8a049b4b7a2e72c3f7069caef0840
b53f94591e4fcf57b3f4e660eeec00ace3319593a6a4aed17957b00a288779e2
b82eaab6f470ecfbc55a05a217839a1f0c2d64d0816918f8edb3d6ed808c7b0e
b8aa46c67dd12b1fb7f59d7fb3f8457bc5a846b781411711cbaf030630534b7e
b9f0748c8e7fd8c3ce8f2ab8aa6ea0f16d5398ce06df08c0e6458cae875a81ef
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd80ae8e3e2bda63c74d0584cc96aa28d5a54b7a7384ff046ed4082c3d642f6f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d199e471269e22f99bb0ee11256be4cb297ec0ef90fd20ec28922f258029d332
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d61baec4a76d813da87f47377c099bc22309b603aa69b6b073cae82788001680
d73751c602869ed74f9f4ea61bbb66877dff9dc9f95042fc9ecbc3b2bfedea7e
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
db2c2bb3b1554ecfddf3479638f1ab0d7eead5382ac42018134a6066b5cac931
db81ccd7d6d4068dc088b0f3f8cca6bd80611fb2495fd171248f3936a7be569d
dc37210bdd2e6f1b0c1ea7295c47c9cb272255e20f720d6d7e6d4a2d411bb7b6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4344d6d4e57a9b8639b01ddb8333e5f57cd5240d806fb7febcaa81f2bb282b3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efbb08a3fd3cf65d79d1726c95cf23ba7fa2c39eb35dd6916cb9cd16426ea68c
f0cd443d83c3cee918d86f8188a417ea6ebdb6d74678c41b6773b56f66e4de0c
f52e83b4a04d8588b5482dd316b1f7ea450733e6a236e30f0119f90693df691d
f57a038a716263766ff4d7f7d8a6ea13b22701ae6fc91e8b1b52fd8784844d23
f5844d119b0d7d2d0f427bb92c5e16959b51f66509c63bf2f44a4795d7886537
f64c35bebf2deb90fb5078331a1d5e9926ab9bb49b551d0afecdcf064c2aa09f
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ff0798d2bdf63cf8331adc8bd82146a2126f09a0bdf14b96492b0ac1f679a22a

www.turningstone.com Open in urlscan Pro 52.4.31.208 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

178 Requests

82 %HTTPS

33 %IPv6

56 Domains

80 Subdomains

64 IPs

7 Countries

8343 kBTransfer

11636 kBSize

70 Cookies

22 Outgoing links

Page URL History

Redirected requests

178 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.turningstone.com Open in urlscan Pro
52.4.31.208 Public Scan

Screenshot
Live screenshot

Full Image

178
Requests

82 %
HTTPS

33 %
IPv6

56
Domains

80
Subdomains

64
IPs

7
Countries

8343 kB
Transfer

11636 kB
Size

70
Cookies

178 HTTP transactions
0 data transactions