www.chinookwindscasino.com
Open in
urlscan Pro
44.239.225.108
Public Scan
Submitted URL: http://mail2.chinookwindscasino-email.com/ga/click/2-178925-48-3778-5125-35398-aa48516246-91c315dbcd
Effective URL: https://www.chinookwindscasino.com/casino/?utm_source=EmailIQ&utm_medium=email&utm_content=subscriber_id:178925&utm_campaign=Januar...
Submission: On January 04 via api from US
Effective URL: https://www.chinookwindscasino.com/casino/?utm_source=EmailIQ&utm_medium=email&utm_content=subscriber_id:178925&utm_campaign=Januar...
Submission: On January 04 via api from US
Summary
This website contacted 17 IPs
in 4 countries
across 14 domains to perform 73 HTTP transactions.
The main IP is 44.239.225.108, located in
Boardman, United States and
belongs to AMAZON-02, US.
The main domain is www.chinookwindscasino.com.
TLS certificate: Issued by Amazon on September 21st 2020. Valid for: a year.
This is the only time www.chinookwindscasino.com was scanned on urlscan.io!
TLS certificate: Issued by Amazon on September 21st 2020. Valid for: a year.
This is the only time www.chinookwindscasino.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
104.168.222.2
(Seattle, United States)
ASN54290 (HOSTWINDS, US)
PTR: smtp1-1.mail2.emailiq.ca
ASN54290 (HOSTWINDS, US)
PTR: smtp1-1.mail2.emailiq.ca
| mail2.chinookwindscasino-email.com |
20
44.239.225.108
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-225-108.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-44-239-225-108.us-west-2.compute.amazonaws.com
| www.chinookwindscasino.com |
2
52.216.88.101
(Ashburn, United States)
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
| s3.amazonaws.com |
1
162.218.229.38
(San Antonio, United States)
ASN40156 (THEOPT-HOU, US)
PTR: 162-218-229-38.static.houston.tx.oplink.net
ASN40156 (THEOPT-HOU, US)
PTR: 162-218-229-38.static.houston.tx.oplink.net
| lmgcorporate.com |
1
13.224.100.124
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-124.zrh50.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-100-124.zrh50.r.cloudfront.net
| js.adsrvr.org |
8
35.157.48.14
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-48-14.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-48-14.eu-central-1.compute.amazonaws.com
| tags.w55c.net |
1
2a00:1450:4001:808::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
1
2a00:1450:4001:820::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
2a00:1450:4001:809::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
216.239.38.21
(Los Gatos, United States)
ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net
ASN15169 (GOOGLE, US)
PTR: any-in-2615.1e100.net
| jelly.mdhv.io |
1
52.50.124.20
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-124-20.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-124-20.eu-west-1.compute.amazonaws.com
| insight.adsrvr.org |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 48 |
chinookwindscasino.com
www.chinookwindscasino.com uploads.chinookwindscasino.com |
1 MB |
| 8 |
w55c.net
4 redirects
tags.w55c.net |
5 KB |
| 4 |
googleapis.com
fonts.googleapis.com |
2 KB |
| 3 |
gstatic.com
fonts.gstatic.com |
78 KB |
| 2 |
facebook.com
www.facebook.com |
314 B |
| 2 |
facebook.net
connect.facebook.net |
93 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
19 KB |
| 2 |
adsrvr.org
js.adsrvr.org insight.adsrvr.org |
5 KB |
| 2 |
amazonaws.com
s3.amazonaws.com |
17 KB |
| 1 |
mdhv.io
jelly.mdhv.io |
235 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net |
95 B |
| 1 |
googletagmanager.com
www.googletagmanager.com |
28 KB |
| 1 |
lmgcorporate.com
lmgcorporate.com |
74 KB |
| 1 |
chinookwindscasino-email.com
1 redirects
mail2.chinookwindscasino-email.com |
726 B |
| 73 | 14 |
| Domain | Requested by | |
|---|---|---|
| 28 | uploads.chinookwindscasino.com |
www.chinookwindscasino.com
|
| 20 | www.chinookwindscasino.com |
www.chinookwindscasino.com
|
| 8 | tags.w55c.net |
4 redirects
www.chinookwindscasino.com
|
| 4 | fonts.googleapis.com |
www.chinookwindscasino.com
|
| 3 | fonts.gstatic.com |
fonts.googleapis.com
|
| 2 | www.facebook.com |
www.chinookwindscasino.com
connect.facebook.net |
| 2 | connect.facebook.net |
www.chinookwindscasino.com
connect.facebook.net |
| 2 | www.google-analytics.com |
www.chinookwindscasino.com
|
| 2 | s3.amazonaws.com |
www.chinookwindscasino.com
s3.amazonaws.com |
| 1 | insight.adsrvr.org |
js.adsrvr.org
|
| 1 | jelly.mdhv.io |
www.chinookwindscasino.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | www.googletagmanager.com |
www.chinookwindscasino.com
|
| 1 | js.adsrvr.org |
www.chinookwindscasino.com
|
| 1 | lmgcorporate.com |
www.chinookwindscasino.com
|
| 1 | mail2.chinookwindscasino-email.com | 1 redirects |
| 73 | 16 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| reservations.travelclick.com |
| www.mychinookwindsrewards.com |
| workforcenow.adp.com |
| www.google.com |
| www.facebook.com |
| twitter.com |
| www.instagram.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| chinookwindscasino.com Amazon |
2020-09-21 - 2021-10-21 |
a year | crt.sh |
| s3.amazonaws.com DigiCert Baltimore CA-2 G2 |
2020-08-04 - 2021-08-09 |
a year | crt.sh |
| lmgcorporate.com cPanel, Inc. Certification Authority |
2020-12-27 - 2021-03-27 |
3 months | crt.sh |
| *.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1 |
2019-03-07 - 2021-04-19 |
2 years | crt.sh |
| *.w55c.net Amazon |
2020-08-26 - 2021-09-26 |
a year | crt.sh |
| upload.video.google.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
| *.google-analytics.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2020-12-22 - 2021-03-21 |
3 months | crt.sh |
| *.gstatic.com GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2020-11-10 - 2021-02-02 |
3 months | crt.sh |
| jelly.mdhv.io GTS CA 1D2 |
2020-11-09 - 2021-02-07 |
3 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.chinookwindscasino.com/casino/?utm_source=EmailIQ&utm_medium=email&utm_content=subscriber_id:178925&utm_campaign=January%202021%20Guest%20Survey%20-%20Send
Frame ID: 2FA2409B1423CB536C9F5770489CA423
Requests: 73 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=131epel&ref=https%3A%2F%2Fwww.chinookwindscasino.com%2Fcasino%2F%3Futm_source%3DEmailIQ%26utm_medium%3Demail%26utm_content%3Dsubscriber_id%3A178925%26utm_campaign%3DJanuary%25202021%2520Guest%2520Survey%2520-%2520Send&upid=xmmkfwd&upv=1.1.0
Frame ID: BAF5D0F52979D360354296264648D0D4
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://mail2.chinookwindscasino-email.com/ga/click/2-178925-48-3778-5125-35398-aa48516246-91c315dbcd
HTTP 302
https://www.chinookwindscasino.com/casino/?utm_source=EmailIQ&utm_medium=email&utm_content=subscriber_id:178925... Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
- script /\/revslider\/[/\w-]+\/js/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
- script /\/revslider\/[/\w-]+\/js/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
MySQL
(Databases)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- headers link /rel="https:\/\/api\.w\.org\/"/i
- html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
- script /\/revslider\/[/\w-]+\/js/i
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Nginx
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Yoast SEO
(SEO)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Revslider
(Miscellaneous)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[\'"][^']+revslider[/\w-]+\.css\?ver=([0-9.]+)[\'"]/i
- script /\/revslider\/[/\w-]+\/js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
URL: https://reservations.travelclick.com/99805#/guestsandrooms
Title: Book Now
Title: Book Now
Search URL Search Domain Scan URL
URL: http://www.mychinookwindsrewards.com/front/frontLogin.jsp
Title: My Rewards
Title: My Rewards
Search URL Search Domain Scan URL
URL: https://workforcenow.adp.com/mascsr/default/mdf/recruitment/recruitment.html?cid=e62e4b89-7015-4b21-a493-598058bcca97&ccId=2586216661_766&lang=en_US
Title: Careers
Title: Careers
Search URL Search Domain Scan URL
URL: https://www.google.com/maps/dir//1777+NW+44th+Street%2C+Lincoln+City%2C+OR+97367
Title: Get Directions
Title: Get Directions
Search URL Search Domain Scan URL
URL: https://www.facebook.com/chinookwindscasino/
Title: 35,194 Likes Like us on Facebook
Title: 35,194 Likes Like us on Facebook
Search URL Search Domain Scan URL
URL: http://twitter.com/ChinookWinds
Title: 3,068 Followers Follow us on Twitter
Title: 3,068 Followers Follow us on Twitter
Search URL Search Domain Scan URL
URL: https://www.instagram.com/chinookwinds
Title: 1,468 Followers Follow us on Instagram
Title: 1,468 Followers Follow us on Instagram
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mail2.chinookwindscasino-email.com/ga/click/2-178925-48-3778-5125-35398-aa48516246-91c315dbcd
HTTP 302
https://www.chinookwindscasino.com/casino/?utm_source=EmailIQ&utm_medium=email&utm_content=subscriber_id:178925&utm_campaign=January%202021%20Guest%20Survey%20-%20Send Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://tags.w55c.net/rs?id=2f6c701d399c4012974f2d9d368b776c&t=marketing HTTP 302
- https://tags.w55c.net/rs?scc=1&id=2f6c701d399c4012974f2d9d368b776c&t=marketing
- https://tags.w55c.net/rs?id=44c6f8b845e54676914754e30a186554&t=marketing HTTP 302
- https://tags.w55c.net/rs?scc=1&id=44c6f8b845e54676914754e30a186554&t=marketing
- https://tags.w55c.net/rs?id=5bf729f0e9ac46f9b860a2396c8cba75&t=homepage HTTP 302
- https://tags.w55c.net/rs?scc=1&id=5bf729f0e9ac46f9b860a2396c8cba75&t=homepage
- https://tags.w55c.net/rs?id=53bf431e21cc43ba8bf3b615860e8e40&t=homepage HTTP 302
- https://tags.w55c.net/rs?scc=1&id=53bf431e21cc43ba8bf3b615860e8e40&t=homepage
73 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
 Cookie set
/
www.chinookwindscasino.com/casino/ Redirect Chain
|
43 KB 12 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
settings.css
www.chinookwindscasino.com/wp-content/plugins/revslider/public/assets/css/ |
39 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
master.min.css
www.chinookwindscasino.com/wp-content/themes/chinook/library/css/ |
188 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
s3.amazonaws.com/icomoon.io/42561/ChinookWindsCasino/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
www.chinookwindscasino.com/wp-includes/js/jquery/ |
95 KB 37 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.themepunch.tools.min.js
www.chinookwindscasino.com/wp-content/plugins/revslider/public/assets/js/ |
108 KB 42 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.themepunch.revolution.min.js
www.chinookwindscasino.com/wp-content/plugins/revslider/public/assets/js/ |
63 KB 20 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gf.placeholders.js
www.chinookwindscasino.com/wp-content/plugins/gravity-forms-placeholders/ |
1 KB 932 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Fun_Bus_800-690x459.jpg
uploads.chinookwindscasino.com/2016/04/30222916/ |
80 KB 80 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
snap_c1.jpg
lmgcorporate.com/kptv/cams/ |
74 KB 74 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up_loader.1.1.0.js
js.adsrvr.org/ |
4 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rs
tags.w55c.net/ Redirect Chain
|
42 B 637 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rs
tags.w55c.net/ Redirect Chain
|
42 B 637 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rs
tags.w55c.net/ Redirect Chain
|
42 B 637 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rs
tags.w55c.net/ Redirect Chain
|
42 B 637 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gravitate_event_tracking.js
www.chinookwindscasino.com/wp-content/plugins/gravitate-event-tracking/ |
11 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
responsive-images.min.js
www.chinookwindscasino.com/wp-content/plugins/gravitate-blocks/library/js/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-ui.min.js
www.chinookwindscasino.com/wp-content/themes/chinook/library/jqui/ |
36 KB 13 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
master.js
www.chinookwindscasino.com/wp-content/themes/chinook/library/js/ |
212 KB 68 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-embed.min.js
www.chinookwindscasino.com/wp-includes/js/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
22 KB 982 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
733 B 473 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
737 B 457 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
1 KB 459 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gtm.js
www.googletagmanager.com/ |
71 KB 28 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 18 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
90 KB 23 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
37 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Aces_Taps_2735_1900-300x115.jpg
uploads.chinookwindscasino.com/2016/04/27184613/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Chinooks_Lounge_Remodel_2019-300x115.jpg
uploads.chinookwindscasino.com/2016/04/26134010/ |
10 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Chinooks_Remodel_2019-300x115.jpg
uploads.chinookwindscasino.com/2016/04/26132931/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
coffee_header_1900-300x115.jpg
uploads.chinookwindscasino.com/2016/04/27195516/ |
13 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Euchre_Creek_1900-300x115.jpg
uploads.chinookwindscasino.com/2016/04/29003852/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Rogue_Lounge-1900-300x115.jpg
uploads.chinookwindscasino.com/2016/04/02171553/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Rogue_Remodel_1900-300x115.jpg
uploads.chinookwindscasino.com/2016/04/28191844/ |
11 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Buffet_Dining_Room_1900-300x115.jpg
uploads.chinookwindscasino.com/2016/04/27221645/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Social_Distancing_Lounge_800x600-125x125.jpg
uploads.chinookwindscasino.com/2020/06/18120129/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bingo_800-125x125.jpg
uploads.chinookwindscasino.com/2016/04/22100017/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Keno_800-125x125.jpg
uploads.chinookwindscasino.com/2016/04/22101003/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Poker_800-125x125.jpg
uploads.chinookwindscasino.com/2016/04/22100540/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Slots_800-125x125.jpg
uploads.chinookwindscasino.com/2016/04/22101554/ |
7 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Blackjack_800-125x125.jpg
uploads.chinookwindscasino.com/2016/04/22101108/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Sports_Wagering_Featured_2019-125x125.jpg
uploads.chinookwindscasino.com/2019/08/14134558/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
WC_Member_Card_800x600_v2-125x125.png
uploads.chinookwindscasino.com/2018/03/29170616/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
BLOG_800x600-125x125.jpg
uploads.chinookwindscasino.com/2018/03/30143305/ |
3 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Slot_Blur_1900.jpg
uploads.chinookwindscasino.com/2016/04/28011405/ |
109 KB 109 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Slots_IGT_800-690x459.jpg
uploads.chinookwindscasino.com/2016/03/25233923/ |
70 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Blackjack_25_800-690x459.jpg
uploads.chinookwindscasino.com/2016/04/26204805/ |
42 KB 43 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Sports_Wagering_Featured_2019-690x459.jpg
uploads.chinookwindscasino.com/2019/08/14134558/ |
118 KB 118 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bingo_Cards_800-690x459.jpg
uploads.chinookwindscasino.com/2016/03/28000434/ |
57 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Keno_Card_Balls_800-690x459.jpg
uploads.chinookwindscasino.com/2016/03/28001020/ |
39 KB 39 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Pacwest_Poker_Classic_0068_800-690x459.jpg
uploads.chinookwindscasino.com/2016/03/27233611/ |
35 KB 35 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Footer-Friendship-Pattern.svg
www.chinookwindscasino.com/wp-content/themes/chinook/library/svg/ |
9 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
fonts.gstatic.com/s/raleway/v18/ |
41 KB 42 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icomoon.woff2
s3.amazonaws.com/icomoon.io/42561/ChinookWindsCasino/ |
15 KB 16 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zOL64pLDlL1D99S8g8PtiKchq-dmjcDidBc.woff2
fonts.gstatic.com/s/abrilfatface/v12/ |
13 KB 13 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vm8vdRfvXFLG3OLnsO15WYS5DG74wNJVMJ8b.woff2
fonts.gstatic.com/s/kaushanscript/v9/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 95 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-Q050 |
collect
www.google-analytics.com/ |
35 B 384 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
605132719953521
connect.facebook.net/signals/config/ |
241 KB 70 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
star.gif
jelly.mdhv.io/v1/ |
43 B 235 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
admin-ajax.php
www.chinookwindscasino.com/wp-admin/ |
3 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
admin-ajax.php
www.chinookwindscasino.com/wp-admin/ |
505 B 897 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
admin-ajax.php
www.chinookwindscasino.com/wp-admin/ |
50 B 512 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
admin-ajax.php
www.chinookwindscasino.com/wp-admin/ |
9 B 476 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H/1.1 |
grabtweets.php
www.chinookwindscasino.com/wp-content/themes/chinook/twimple/ |
11 KB 2 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
admin-ajax.php
www.chinookwindscasino.com/wp-admin/ |
36 B 502 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
admin-ajax.php
www.chinookwindscasino.com/wp-admin/ |
35 B 501 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Chinook_Winds_Mobile_Club_Splash_800x600_2018.jpg
uploads.chinookwindscasino.com/2018/05/03102255/ |
366 KB 367 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FB_Golf_Page_800x600.jpg
uploads.chinookwindscasino.com/2018/10/02124852/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Facebook_Poker_Chips_800x600.jpg
uploads.chinookwindscasino.com/2018/09/28142949/ |
28 KB 29 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.facebook.com/tr/ |
44 B 258 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
up
insight.adsrvr.org/track/ Frame BAF5 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
/
www.facebook.com/tr/ |
0 56 B |
Other
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
58 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings string| jquery_placeholder_url undefined| $ function| jQuery undefined| oldgs object| punchgs object| _gsScope undefined| oldgs_queue undefined| GreenSockGlobals undefined| _gsQueue function| setREVStartSize object| dataLayer string| GoogleAnalyticsObject function| ga function| fbq function| _fbq function| ttd_dom_ready function| TTDUniversalPixelApi object| GETGA_settings object| GETGA_events object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager function| Swiper object| eventie function| docReady function| EventEmitter function| getStyleProperty function| getSize function| matchesSelector function| Outlayer function| Isotope function| Masonry function| UAParser function| Instafeed function| responsiveUtils object| wp object| jQuery112403044352899177596 object| SH_FACEBOOK object| SH_INSTAGRAM object| BF_TWITTER string| wrapper object| settings number| count string| nav string| token6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .chinookwindscasino.com/ | Name: _fbp Value: fb.1.1609804209200.772255306 |
|
| .chinookwindscasino.com/ | Name: _gid Value: GA1.2.302632217.1609804209 |
|
| .chinookwindscasino.com/ | Name: _gat Value: 1 |
|
| .chinookwindscasino.com/ | Name: _ga Value: GA1.2.247569589.1609804209 |
|
| www.chinookwindscasino.com/ | Name: AWSELBCORS Value: 9FE701091E82EB91E932D0EEC6C492A0294E0BC0160484E5EF7334B4124D99D5D84F98558B9D1F67B5CDA6F10B9EFCD9BB8F81CE10D446177A0CD79B86E60BEDEE1D6C788B |
|
| www.chinookwindscasino.com/ | Name: AWSELB Value: 9FE701091E82EB91E932D0EEC6C492A0294E0BC0160484E5EF7334B4124D99D5D84F98558B9D1F67B5CDA6F10B9EFCD9BB8F81CE10D446177A0CD79B86E60BEDEE1D6C788B |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
insight.adsrvr.org
jelly.mdhv.io
js.adsrvr.org
lmgcorporate.com
mail2.chinookwindscasino-email.com
s3.amazonaws.com
stats.g.doubleclick.net
tags.w55c.net
uploads.chinookwindscasino.com
www.chinookwindscasino.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
104.168.222.2
13.224.100.124
162.218.229.38
216.239.38.21
2a00:1450:4001:808::2008
2a00:1450:4001:809::200e
2a00:1450:4001:81d::200a
2a00:1450:4001:820::200e
2a00:1450:4001:825::2003
2a00:1450:400c:c06::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
35.157.48.14
44.239.225.108
52.216.88.101
52.50.124.20
65.9.70.67
040b7a66d0cc5ae40aa826e3a235d80c52968ee1cf1271faede03c53898a020f
0dae796bf84f2f027367846e26613e4a14d9d7fd316e054210b74dd975eb52e2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17e0f793722af8cb29c786ce42d43689ad4cdaa0ff18302c052f0c4a6a219902
1929dab7d2cb32760115d8f0ae635b45c22e8329cbb224b149c81bd9b752f51c
193aa0da1351c2f7fcc613774142e30b7b3363a927f1a2e365d53764d6a553d7
21aad515f00c463abffdc85a382b1a4e3e88601c05d4abb4021b2098d2cdcd81
2568d1e8fb637842ed9e5bff7704e9e96fbf95b698b24e04492e3086a4659c9e
25f9840cb9f101d9097c2072ed8bc3433088585ad25700cf0c82c869ca79034d
26b91b27922c6305764f6f78ecfc852f093a9ca93a7142272f45ca9a5e597b08
2b8d8f2419fc1c2adf0b40464bd198ca47a48d9e5e0e26177931cd9ee0159cc3
313953404af7c535e0a2d74419b8ff7fd3330c3fba79aaa00da73863d3c2cd9a
36e5b832624b21fc3c68e2e61208cbe50fee495b72bba184138e4f1ab1cc6d11
38224d4928dc32c0a92680492eeaf0d3e2396e292d3e7f40117f8233a3f72315
38c5c16b4015ed06617062d708dcc3b07f7d5cf5cf302905ef11d3e8d85afa64
3a55901e8618eb3610de6e5bccfbe85dde1973715d9349f6d69fdca5aefe0b3b
3bacd2de70ffb652d55822f17556528a79e38e7b041ae4f61727e5ad9c1af95c
3f5234a004870c7a28c65e3361fccf1bda7e5db8953f2b18447f0962d0d13035
40249954cd8daed0ba6c358de99f0dca7ca62f1d5fbc2b80b792616958a91c77
41110aad935b0fa755a97d58debdb4b667cfe5117304e1124c76dea493f73712
415626d7221ad2e95ad128333a7be9dcbd193992b2e62bdfaa983ba71e68657d
41fffc2ac8548fed5cc27fdecab84296f7fbe9139226c907d54e10d4149f3465
43e203fac528650d9312733b02a9465c9cef61b00aebf5223565ab1bfb9f3e09
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fef4cadbccb76ae496426e3a4a0c1e379367bcfc7369599fb2825b65a195b21
50db8fc61b5696968c39933f68f8fb74cc263ac365b92eec7bbcfd1f02ec66ad
556a26db1ca8a8f83e1f3923aa6fd5d312ace6c7f31d28745c1a597b692a3928
582ecfaf892a8451e1834fc0297833ddf239cc9a50a0f78d3548aade33e26b38
6702f20ffeaaf34b2f698d5ed6ca2a31c2bb6f92fbd12ced43873ab9edc06588
69d4c869191ac1e68b35814956b175cf8c97fe75bf8db10c67534cab11061ed7
6a6f0864a4476abbb501185568fb42fc3d9db2616bb3e2d106ad32d424510ae1
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d9338167c88996225dfda982988a24da3fe98ef00d49d1de92b2715593813d7
744fb88e7e0fda0c472079b42ed8c680f319ce404f02a5d0760e523fd4715368
77a0c628533d041c5b6a9e7fe136076b2d2b1880a56877bde4301e7c33db20c9
7b4da6b2af79f67af6075136689af1f84680b3b3fd961860b68b7f2d9fd02220
81471166f491987c8eea7cf99db534f0a052f87584c87d259ab6844b3610e572
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
863ce3fa1069af3a4ae0d0e2f85ab7b92e2eca7ed454534160083e93f07c115a
8c0089569c5ceaf1e1dcfc22c2285ca01a05599563b72035bc84a2357f8ca965
998e3919435912df539ad32067f649518fc694094d4d1535ea00520c7b081267
9d2fc4295ea22383d673aa5e765cde9f457b268967e97b913a60ea4c900bcb74
a1dff8b0c66227748951c4ff891f146f49c5a382ac8e3d6e3c2e9cf8aa560dc8
abdf01dbab06efbec289cf85e83f8ec3618f996ab6803e9f9437db14bc5cbf53
af03d407b97a736f351152b07f9becbfc95cfc3787dd5d3d9fb2bd1fef030e15
ba47fc841446b379ba749e99099dfd52f53809966df6255696dc663cf9edd38e
bb0c201f0ca67e745869967d48db2e90bf01353d1f305959d487291cab6d0755
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bfe4b0580d3081da576a3db78c76453fc4e1a72a857ba3b7609b2dbfe6b5b4e7
c3e77da7bef25b0f3f306b7b0a1f02083f959616674f1aad02b2573e0b5bac9f
ca4ceef656619b1e540d313a1b15cffc98de675d8af7275431d688935244af65
d0379631be0de01030189844cefcbde49c5d131b1bb15769f11301c80868748f
d0ed6a762d64482e7553a8db122bd681bf40d2f9da41f859a43ed08e64140939
d32e90e67625a7fd39a1d85256ce180f27de7a2b5e1d4c96ab156a3dcafa2100
d9ac81b8e6a20a2a837e76c1904bd3fc925d60efb10aceea8057cca7b439f306
dcb5e540e62fc85857254a1066afb6a7e8999279c6d4c583eef855d39f9289c0
df8a5107ba5e376574c65138c856b6a1fc0e172544ef27fc831e77bb5c6af516
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e7d22deb1f71928dc88afb1bec8955d3c81712cde5091fe9cd62f943ccdf74b7
e9f2761fab160803bdc2dd734d5b5e8b47b6191b150e609e5dc474343ac15d48
ec608826f2c78268b902a8d387af112c96164112d482b98da5b17b8ceddfde1b
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ee4e5c22c4f3450ab94b4b7bf2147f6bd6a6390a85f1ef4020d5bcaaa2cb1750
f7e556e915e35de3e000fb27c14a6646e156466c9e79c2e992e6a64ce80cda11
f9c5aefe570f2fbc697579a7a16592e2c249414cfb7cd1b4b9c5c325363942c3
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fc60115f97acbe012f3a791ed8bc37ee855076ce8fb039925d5e20293092c0ef
fc9d5e724a105562922cf76ade6d5ed82823919afe1c9e206f35d4c34b80d6f5