www.chaseonthelake.com
Open in
urlscan Pro
2606:4700::6811:b93a
Public Scan
URL:
https://www.chaseonthelake.com/
Submission: On February 21 via automatic, source certstream-suspicious — Scanned from DE
Submission: On February 21 via automatic, source certstream-suspicious — Scanned from DE
Summary
This website contacted 15 IPs
in 3 countries
across 16 domains to perform 55 HTTP transactions.
The main IP is 2606:4700::6811:b93a, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is www.chaseonthelake.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 1st 2022. Valid for: a year.
This is the only time www.chaseonthelake.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 1st 2022. Valid for: a year.
This is the only time www.chaseonthelake.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
27
2606:4700::6811:b93a
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| www.chaseonthelake.com | |
| cdn.galaxy.tf | |
| image-tc.galaxy.tf |
3
2a00:1450:4001:813::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
3
107.178.244.119
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 119.244.178.107.bc.googleusercontent.com
| beacon.sojern.com | |
| pixel.sojern.com |
2
142.250.181.230
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net
| ad.doubleclick.net |
4
185.89.211.84
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
| secure.adnxs.com |
4
172.217.16.194
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net
| cm.g.doubleclick.net |
1
185.89.210.20
(Frankfurt am Main, Germany)
ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 944.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
| ib.adnxs.com |
1
3.33.220.150
(United States)
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
| match.adsrvr.org |
2
34.120.195.249
(Kansas City, United States)
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com
| o478535.ingest.sentry.io |
2
195.244.31.25
(Newark, United States)
ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net
ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net
| dynamic.travelclick-websolutions.com |
3
2a00:1450:4001:80b::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 14 |
chaseonthelake.com
www.chaseonthelake.com |
651 KB |
| 13 |
galaxy.tf
cdn.galaxy.tf — Cisco Umbrella Rank: 118980 image-tc.galaxy.tf — Cisco Umbrella Rank: 89598 |
1 MB |
| 6 |
doubleclick.net
6 redirects
ad.doubleclick.net — Cisco Umbrella Rank: 164 cm.g.doubleclick.net — Cisco Umbrella Rank: 205 |
3 KB |
| 5 |
adnxs.com
3 redirects
secure.adnxs.com — Cisco Umbrella Rank: 385 ib.adnxs.com — Cisco Umbrella Rank: 203 |
5 KB |
| 4 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35 region1.google-analytics.com — Cisco Umbrella Rank: 2506 |
20 KB |
| 4 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43 |
3 KB |
| 3 |
sojern.com
beacon.sojern.com — Cisco Umbrella Rank: 5221 pixel.sojern.com — Cisco Umbrella Rank: 7473 |
2 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
95 KB |
| 3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50 |
191 KB |
| 2 |
tsa-db.com
api.tsa-db.com — Cisco Umbrella Rank: 64402 |
1 KB |
| 2 |
travelclick-websolutions.com
dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 125174 |
6 KB |
| 2 |
sentry.io
o478535.ingest.sentry.io — Cisco Umbrella Rank: 151990 |
648 B |
| 2 |
google.com
2 redirects
adservice.google.com — Cisco Umbrella Rank: 72 fcmatch.google.com — Cisco Umbrella Rank: 2845 |
1 KB |
| 1 |
adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295 |
265 B |
| 1 |
youtube.com
fcmatch.youtube.com — Cisco Umbrella Rank: 2852 |
432 B |
| 1 |
google.de
adservice.google.de — Cisco Umbrella Rank: 9006 |
476 B |
| 55 | 16 |
| Domain | Requested by | |
|---|---|---|
| 14 | www.chaseonthelake.com |
www.chaseonthelake.com
|
| 10 | image-tc.galaxy.tf |
www.chaseonthelake.com
|
| 4 | cm.g.doubleclick.net | 4 redirects |
| 4 | secure.adnxs.com |
2 redirects
www.chaseonthelake.com
|
| 4 | fonts.googleapis.com |
www.chaseonthelake.com
|
| 3 | www.google-analytics.com |
www.googletagmanager.com
www.chaseonthelake.com |
| 3 | cdn.galaxy.tf |
www.chaseonthelake.com
|
| 3 | fonts.gstatic.com |
fonts.googleapis.com
|
| 3 | www.googletagmanager.com |
www.chaseonthelake.com
www.googletagmanager.com |
| 2 | api.tsa-db.com |
www.chaseonthelake.com
|
| 2 | dynamic.travelclick-websolutions.com |
www.chaseonthelake.com
|
| 2 | o478535.ingest.sentry.io |
www.chaseonthelake.com
|
| 2 | pixel.sojern.com |
www.chaseonthelake.com
|
| 2 | ad.doubleclick.net | 2 redirects |
| 1 | region1.google-analytics.com |
www.chaseonthelake.com
|
| 1 | match.adsrvr.org |
www.chaseonthelake.com
|
| 1 | ib.adnxs.com | 1 redirects |
| 1 | fcmatch.youtube.com |
www.chaseonthelake.com
|
| 1 | fcmatch.google.com | 1 redirects |
| 1 | adservice.google.de |
www.chaseonthelake.com
|
| 1 | adservice.google.com | 1 redirects |
| 1 | beacon.sojern.com |
www.chaseonthelake.com
|
| 55 | 22 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| reservations.travelclick.com |
| www.facebook.com |
| www.instagram.com |
| amadeus.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| www.chaseonthelake.com Cloudflare Inc ECC CA-3 |
2022-11-01 - 2023-11-01 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2023-02-01 - 2023-04-26 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-02-01 - 2023-04-26 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1C3 |
2023-02-01 - 2023-04-26 |
3 months | crt.sh |
| cdn.galaxy.tf Cloudflare Inc ECC CA-3 |
2022-05-06 - 2023-05-06 |
a year | crt.sh |
| image-tc.galaxy.tf Cloudflare Inc ECC CA-3 |
2022-06-08 - 2023-06-07 |
a year | crt.sh |
| *.sojern.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-17 - 2024-02-17 |
a year | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
| *.ingest.sentry.io R3 |
2023-02-16 - 2023-05-17 |
3 months | crt.sh |
| *.travelclick-websolutions.com Gandi Standard SSL CA 2 |
2022-06-16 - 2023-07-08 |
a year | crt.sh |
| *.tsa-db.com Amazon |
2022-03-30 - 2023-04-28 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.chaseonthelake.com/
Frame ID: CB3B0D829B17DA6600FFA6F03C1E5B09
Requests: 52 HTTP requests in this frame
Frame:
https://www.chaseonthelake.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677009600
Frame ID: 578F6F259EE047EDB86589FEFB459830
Requests: 3 HTTP requests in this frame
Screenshot
Page Title
Hotels in Walker MN - Chase on the Lake Resort & Spaarrow-rightarrow-leftarrow-bottomarrow-topcalendarphonewebsitedownload-arrowfacebooktwittergoogle-plustripadvisorinstagrampauseplaycrossquote-opensunhamburgermailmarkerclockcheckpinterestyoutubewechatlinkedintiktokline-msgwhatsappweibogallery-videotrianglehotelhotel-airlogoutarrow-downxingpersontriangle-rulerbedfloorplangoogleuploadclosecalendarguestsearchremovehotelmap-viewlist-viewvideo-playvideo-pausezoom-magnifychain-linkalertheightdimensionsmax-capacitystarreview-usertrashtagcircle-enlargecircle-videoDetected technologies
AppNexus
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adnxs\.(?:net|com)
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Osano
(Cookie compliance)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- cookieconsent\.min\.js
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
URL: https://reservations.travelclick.com/114270?HotelId=114270&languageid=1&rooms=1&adults=1&roomtypeid=517561
Title: Book now opens in a new tab
Title: Book now opens in a new tab
Search URL Search Domain Scan URL
URL: https://reservations.travelclick.com/114270?HotelId=114270&languageid=1&rooms=1&adults=1&roomtypeid=517567
Title: Book now opens in a new tab
Title: Book now opens in a new tab
Search URL Search Domain Scan URL
URL: https://reservations.travelclick.com/114270?HotelId=114270&languageid=1&rooms=1&adults=1&roomtypeid=517563
Title: Book now opens in a new tab
Title: Book now opens in a new tab
Search URL Search Domain Scan URL
URL: https://www.facebook.com/chaseonthelake/
Search URL Search Domain Scan URL
URL: https://www.instagram.com/chase_on_the_lake/?hl=en
Search URL Search Domain Scan URL
URL: https://amadeus.com/en
Title: Amadeus
Title: Amadeus
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 22- https://ad.doubleclick.net/ddm/activity/src=11738415;type=homep0;cat=chase0;qty=1;cost=undefined;u1=;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u15=undefined;u16=%252F;u17=;u18=;u19=114270;u20=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefined HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=11738415;dc_pre=CIHG1-a8p_0CFYHZGQod0BsN1A;type=homep0;cat=chase0;qty=1;cost=undefined;u1=;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u15=undefined;u16=%252F;u17=;u18=;u19=114270;u20=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefined HTTP 302
- https://adservice.google.com/ddm/fls/p/src=11738415;dc_pre=CIHG1-a8p_0CFYHZGQod0BsN1A;type=homep0;cat=chase0;qty=1;cost=undefined;u1=;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u15=undefined;u16=%252F;u17=;u18=;u19=114270;u20=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefined;~oref=https://www.chaseonthelake.com/ HTTP 302
- https://adservice.google.de/ddm/fls/p/src=11738415;dc_pre=CIHG1-a8p_0CFYHZGQod0BsN1A;type=homep0;cat=chase0;qty=1;cost=undefined;u1=;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u10=undefined;u11=undefined;u12=undefined;u13=undefined;u15=undefined;u16=%252F;u17=;u18=;u19=114270;u20=undefined;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=undefined;~oref=https://www.chaseonthelake.com/
- https://secure.adnxs.com/px?id=1584491&order_id=5e543256c480ac577d30f76f9120eb74&other=undefined&t=1 HTTP 307
- https://secure.adnxs.com/bounce?%2Fpx%3Fid%3D1584491%26order_id%3D5e543256c480ac577d30f76f9120eb74%26other%3Dundefined%26t%3D1
- https://secure.adnxs.com/seg?add=30056280&t=1 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D30056280%26t%3D1
- https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=m4sCwzR3ok-h1Zb3aDbpAw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=QpeB3EtbN65OFU_kRHWOKm2NbHhhZyeaR3MOPePGcLdd4XgWqLblyv-WrkRgUY6y&sjrn_ula=7140660373 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=m4sCwzR3ok-h1Zb3aDbpAw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=QpeB3EtbN65OFU_kRHWOKm2NbHhhZyeaR3MOPePGcLdd4XgWqLblyv-WrkRgUY6y&sjrn_ula=7140660373&google_tc= HTTP 302
- https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=QpeB3EtbN65OFU_kRHWOKm2NbHhhZyeaR3MOPePGcLdd4XgWqLblyv-WrkRgUY6y&sjrn_ula=7140660373&google_gid=CAESEDQ4DLveW7w7CPrh5yCXkv8&google_cver=1
- https://cm.g.doubleclick.net/pixel?google_hm=m4sCwzR3ok-h1Zb3aDbpAw&google_nid=sojern_adh HTTP 302
- https://cm.g.doubleclick.net/pixel?google_hm=m4sCwzR3ok-h1Zb3aDbpAw&google_nid=sojern_adh&google_tc= HTTP 302
- https://fcmatch.google.com/pixel?google_gm=AMnCDorPcWq0ZF-MY4bd2-C4YJfFW_UIcg0SodcZY-6zq45EGUoygzZrlP30p5IfO1rIpwQWBu61TuVPtc_khoYhFegWCZpELw3ATsGh7yiZ_Iq8E-rTHEs HTTP 302
- https://fcmatch.youtube.com/pixel?google_gm=AMnCDorPcWq0ZF-MY4bd2-C4YJfFW_UIcg0SodcZY-6zq45EGUoygzZrlP30p5IfO1rIpwQWBu61TuVPtc_khoYhFegWCZpELw3ATsGh7yiZ_Iq8E-rTHEs
- https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=QpeB3EtbN65OFU_kRHWOKm2NbHhhZyeaR3MOPePGcLdd4XgWqLblyv-WrkRgUY6y HTTP 302
- https://pixel.sojern.com/idsync/apn?id=4692926930386414357&sjrn_id=QpeB3EtbN65OFU_kRHWOKm2NbHhhZyeaR3MOPePGcLdd4XgWqLblyv-WrkRgUY6y
55 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
www.chaseonthelake.com/ |
72 KB 17 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
7 KB 708 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
11 KB 910 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
6 KB 694 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
www.chaseonthelake.com/css/custom/4617/1/4a85cfa89624edf6f0a7170f90afc837/ |
731 KB 102 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
207 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
161 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
svg-icons.svg
www.chaseonthelake.com/integration/tc-theme/public/svg/ |
61 KB 19 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
cookieconsent.min.js
www.chaseonthelake.com/integration/tc-theme/public/vendor/ |
19 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
43 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1633383124_615b72d4e92bb-thumb.svg
cdn.galaxy.tf/uploads/s/cms_image/001/633/383/ |
438 B 534 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
classic-double-queen-jpg-1_standard.jpg
image-tc.galaxy.tf/wijpeg-8vmjqenvmcjthzdlc0kreluee/ |
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
co3bmX5slCNuHLi8bLeY9MK7whWMhyjYqXtK.woff2
fonts.gstatic.com/s/cormorantgaramond/v16/ |
20 KB 20 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v25/ |
30 KB 30 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
king-suite-jpg-1_standard.jpg
image-tc.galaxy.tf/wijpeg-2bocggba12iakdzibdq787yw9/ |
14 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
classic-double-queen_standard.jpg
image-tc.galaxy.tf/wijpeg-2czl39v8buk29a3i8fz7kjlvs/ |
12 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1633372233_615b4849385c0-thumb.svg
cdn.galaxy.tf/uploads/s/cms_image/001/633/372/ |
435 B 358 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
save-5-and-save_wide.jpg
image-tc.galaxy.tf/wijpeg-5yx8b854uyb8s7mqg493bqi0l/ |
81 KB 81 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1633384257_615b774160afd-thumb.svg
cdn.galaxy.tf/uploads/s/cms_image/001/633/384/ |
435 B 359 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
galaxy-helpers.js
www.chaseonthelake.com/frontend/galaxy-helpers/public/ |
56 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
5
beacon.sojern.com/pixel/cp/ |
4 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
adservice.google.de/ddm/fls/p/src=11738415;dc_pre=CIHG1-a8p_0CFYHZGQod0BsN1A;type=homep0;cat=chase0;qty=1;cost=undefined;u1=;u2=undefined;u3=undefined;u4=undefined;u5=undefined;u10=undefined;u11=un... Redirect Chain
|
42 B 476 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
0 1 KB |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bounce
secure.adnxs.com/ Redirect Chain
|
0 1 KB |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
AdX
pixel.sojern.com/idSync/ Redirect Chain
|
42 B 273 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel
fcmatch.youtube.com/ Redirect Chain
|
170 B 432 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
apn
pixel.sojern.com/idsync/ Redirect Chain
|
42 B 276 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic
match.adsrvr.org/track/cmf/ |
70 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bundle.js
www.chaseonthelake.com/integration/tc-theme/public/js/ |
1 MB 403 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
7334-feb3a99f007f081126c7.js
www.chaseonthelake.com/integration/tc-theme/public/js/chunk/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
o478535.ingest.sentry.io/api/282725/envelope/ |
2 B 282 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
svg-icons.svg
www.chaseonthelake.com/integration/tc-theme/public/svg/ |
61 KB 19 KB |
XHR
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
invisible.js
www.chaseonthelake.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 578F |
39 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
7269-136c448adc135a284a97.js
www.chaseonthelake.com/integration/tc-theme/public/js/chunk/ |
70 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
3684-fb2e995958907968abc8.js
www.chaseonthelake.com/integration/tc-theme/public/js/chunk/ |
26 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
header-one-946cc8218eba2362bcbd.js
www.chaseonthelake.com/integration/tc-theme/public/js/chunk/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
4617
dynamic.travelclick-websolutions.com/list/ |
20 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aerial-011.jpg
image-tc.galaxy.tf/wijpeg-dmy3swjffn79db96bf9cq1efr/ |
219 KB 220 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
aerial-012.jpg
image-tc.galaxy.tf/wijpeg-1e95ao5xgzbtgjezxm03mlpik/ |
340 KB 341 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
katiecabakphotographywalkermnweddingphotographerimg-0733.jpg
image-tc.galaxy.tf/wijpeg-6lyqpbasv56eu1cwtbtzvuwj7/ |
134 KB 134 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
pica.js
www.chaseonthelake.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 578F |
19 KB 8 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
79d24d266886912a
www.chaseonthelake.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 578F |
2 B 392 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
114270
api.tsa-db.com/v1/data/hotelID/ Frame |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
chase-on-the-lake-2023-logo-final-outlined.gif
image-tc.galaxy.tf/wigif-3c3dduhr72mhk3dg89suvry13/ |
43 KB 44 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
chase-on-the-lake-2023-logo-final-outlined-white.gif
image-tc.galaxy.tf/wigif-904hppy3qr4hsidsra2szr2ob/ |
21 KB 21 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
4617
dynamic.travelclick-websolutions.com/view/ |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
114270
api.tsa-db.com/v1/data/hotelID/ |
645 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
aerial-070.jpg
image-tc.galaxy.tf/wijpeg-ej42cmvxlv55etwjx3xmav4gr/ |
257 KB 258 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
200 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
region1.google-analytics.com/g/ |
0 250 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
3 B 68 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
o478535.ingest.sentry.io/api/282725/envelope/ |
198 B 366 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
53 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 boolean| credentialless object| oncontentvisibilityautostatechange object| galaxyGMS string| BIDnumber number| websiteID number| cms string| ts_roll_up_tracking object| ts_analytics object| dl object| dataLayer object| galaxyInfo string| _dynamic_base object| websiteGlobalVariables object| headerMenu object| headerConfigs object| google_tag_manager object| google_tag_data function| postscribe object| google_tag_manager_external string| key object| cookieconsent object| glxhprs object| webpackJsonpglxhprs object| GalaxyHelpers object| traductionBM object| validationMessages object| tcthemejsonpFunction object| picturefillCFG function| picturefill boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| regeneratorRuntime object| lazySizes object| BM object| __SENTRY__ function| SVGInject object| CustomMap object| CustomMapUI object| GoogleAPIs function| $ function| jQuery function| _ object| errorOptions function| alite object| tcTool object| __ga4Redact string| GoogleAnalyticsObject function| ga object| gaGlobal object| gaplugins object| gaData12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .adnxs.com/ | Name: uuid2 Value: 4692926930386414357 |
|
| .adnxs.com/ | Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E>?o6'@d!]tbP6j2F-XstGt!@DW/$fTKo |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUkqdWhKC7JnWaZHIKrGvokHscrB8FNaETdJm28pYWKJSkjui_q98kUeCwmPwRU |
|
| .sojern.com/ | Name: cid Value: 9b8b02c3-3477-a24f-a1d5-96f76836e903#1676937600000 |
|
| .sojern.com/ | Name: apnid Value: 4692926930386414357 |
|
| .sojern.com/ | Name: gid Value: CAESEDQ4DLveW7w7CPrh5yCXkv8 |
|
| .www.chaseonthelake.com/ | Name: __cf_bm Value: NDw4noU8pbLbAaQWjDHFQ7MQLHkGby.oroBiD90aqrI-1677012073-0-AVcAplZWdMXQ5s0vM2KhLu0nApqj4kBnF/gX8VgNfBs7BiyUdL0xUNL1s4ZmZLguu6Yr/aRKaQqspBB68ZNLJ4uxzUNQg9ot1pCLd0PFIsyprrj7Qh++XD6YqLK0Fz9Q9mWzPeA7JGqsg+9hP9a8Hbc= |
|
| .chaseonthelake.com/ | Name: _ga_3R5SJEDWK4 Value: GS1.1.1677012073.1.0.1677012073.0.0.0 |
|
| .chaseonthelake.com/ | Name: _ga Value: GA1.2.2108527587.1677012074 |
|
| .chaseonthelake.com/ | Name: _gid Value: GA1.2.1589710791.1677012074 |
|
| .chaseonthelake.com/ | Name: _gat_tct Value: 1 |
|
| .chaseonthelake.com/ | Name: _gat_tc_client Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=31536000; includeSubdomains; preload |
| X-Content-Type-Options | nosniff |
| X-Frame-Options | SAMEORIGIN |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
adservice.google.com
adservice.google.de
api.tsa-db.com
beacon.sojern.com
cdn.galaxy.tf
cm.g.doubleclick.net
dynamic.travelclick-websolutions.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
ib.adnxs.com
image-tc.galaxy.tf
match.adsrvr.org
o478535.ingest.sentry.io
pixel.sojern.com
region1.google-analytics.com
secure.adnxs.com
www.chaseonthelake.com
www.google-analytics.com
www.googletagmanager.com
107.178.244.119
142.250.181.230
172.217.16.194
185.89.210.20
185.89.211.84
195.244.31.25
2001:4860:4802:32::36
2600:9000:223f:2600:16:41f8:18c0:93a1
2606:4700::6811:b93a
2a00:1450:4001:808::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:4001:831::2002
2a00:1450:400d:80c::200a
3.33.220.150
34.120.195.249
09c284250e191bf1bf587babfc382fe37c6980e117858f0a946228f25d1699ef
0ac108c52dd11fbce926e8f0638dc9a8b62064c628fc7bf6805a6612a55a8f17
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2082fd707036a2d7096d908658da42d188dbb69b6f96e83b219f9eeaea63e03a
20a2bc4f61e7afa7941783a3b153035e6516a2d289cdf9affd105865a21f6951
23f3237e2b68fb36349f078d16a52776685ae1a8c87de661dffc4e849a07da60
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2714e8a9d003c293ec548c53e9e55efec74326d83ea840c68df9a61da194cfcd
2a975145cd425352384c608ae822029b2202f4a365807bd174692db5cf42baff
2f0f617ac4a2d62468b932dcd56ee437a72608127165c6352fd7c1f2ae07ee78
33758f87d71d98c7c632303003d94a6351294c3eb2612492057049aaee33c643
36f330dc22a17af15afe1f9f261574389d5c8d064421e5e1da9bd8832e2ec65c
39742200d84fdac7636a3827171257ee95130b0b3f4ea81106028511330dd7f9
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
454cb10aa04f53639403ae30da3d51d340c88102339568cf7f594ef0693749fb
4b7036be0de28eaedd9c439d1348927087c59f6e2e66e898d2b44841ee992892
584dfc26a09b20f29619b9e8e25003f632b9849808d0bdac4c3d18809aaad8f8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
673af6afbeebd7739007e53334f54bfd4e9787695ad125953c245c190d815460
679bc42cf76d0a2ed1ded4aaf812433d5a1674085bb7b0bea947a36a65ce94ff
6aca85e28b1526b794397e904f00c5e7a2fd3bbf3dcb9a2dcaa7221f31d33e6a
6b2d3eba8d2b1a07ec6719f5cfc4d0be8c679e1fe4cf2c3f917e53e759b8bfeb
766ab7a46c7d5be2a2009e2805aa234c7c2ae4e0b04da88d0027604362c8e165
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
8a966bfd9feba3a14dc196f1fdc2317c09975b155f4f5d685e24add74f5049e8
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
a9ff7df676353c21f7159a220f19b7d60b53910351ae822322b5280f30664acf
ad143d75162342bd9978cbbbc5d0a20a081d78c954f6b09b3d1f358806a73fb2
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27e37bea4f0d6d833953edcd110a4e04daad2123962747c9f20a84215b50cba
bac10d17440dcd6f6c6c4e0bd7eca2e1a7eec030ef3b1143d4be3791dcf91263
c9277369a5fbe72078b07fc09896d24d278e2ab5220a4a24f382cc1eaab1772c
cdbae2c234c448d31e861504ce291aa6fd2b7d8a7bd14f625b8c29e981fadd94
cdf7c93f8a3710fd5829a67d657a9db3c0385f87c73496386412e19eb1d30dfa
d53b8656b8f584f2303e2ca2e8be93d17c0245e7d62c419c79f701c4219b30cd
d7e37cd5d541e36b061dd39d7c4bd10a1c7e105016c27932ee1653ccf4419cb9
da1ec29d45296c5f9247c88436e114ac5498cbefd48cd17f614aefc79ad8dcd3
dc24da7f1a710d298598b8a4cb80133444e506f2c3529be9daf00e7517d53efb
dedd819433a85f19a697450dfc82b7b354d371cba0b010bbbd904e6976e1e443
e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab4c926d25fed121f4c833125d251ccf3a95f920210c1935a3d1bb2b040925a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f019dde86455121c6114afa7cf8ba48267a0b1bede8edafb6bbfab279e7ea86a
f8850fe302d8bd0208c7a1f446af03c561ef3d0ce09f2bbc8437a4df82077bfb
fb8a99f1eeddc06e28968021a5da4285b3ba8de4aa032ac67e9acb38c06f3818