adfs.swinomishcasino.com Open in urlscan Pro
66.114.36.220 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://swinomish.policystat.com/home/?force_login_from_guest=1&utm_source=digest
Effective URL:
https://adfs.swinomishcasino.com/adfs/ls/
Submission: On February 22 via manual (February 22nd 2024, 6:07:52 pm UTC) from CA — Scanned from CA

Summary HTTP 20 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 1 countries across 6 domains to perform 20 HTTP transactions. The main IP is 66.114.36.220, located in Ferndale, United States and belongs to POGOZONE-OA, US. The main domain is adfs.swinomishcasino.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 28th 2023. Valid for: a year.

This is the only time adfs.swinomishcasino.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 5	52.23.109.72 52.23.109.72	14618 (AMAZON-AES) (AMAZON-AES)
6	108.139.38.24 108.139.38.24	16509 (AMAZON-02) (AMAZON-02)
1	108.138.106.126 108.138.106.126	16509 (AMAZON-02) (AMAZON-02)
1	18.164.96.46 18.164.96.46	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
3	66.114.36.220 66.114.36.220	13831 (POGOZONE-OA) (POGOZONE-OA)
20	8

5 52.23.109.72 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-109-72.compute-1.amazonaws.com

swinomish.policystat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 108.139.38.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-139-38-24.jfk50.r.cloudfront.net

d2zk9fgwitlpui.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.138.106.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-106-126.jfk50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.96.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-96-46.jfk50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 66.114.36.220 (Ferndale, United States)

ASN13831 (POGOZONE-OA, US)

adfs.swinomishcasino.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
6	cloudfront.net d2zk9fgwitlpui.cloudfront.net	897 KB
5	policystat.com 1 redirects swinomish.policystat.com	37 KB
3	swinomishcasino.com adfs.swinomishcasino.com	148 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 712 script.hotjar.com — Cisco Umbrella Rank: 944	60 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 239	404 B
1	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 599	25 KB
20	6

	Domain	Requested by
6	d2zk9fgwitlpui.cloudfront.net	swinomish.policystat.com
5	swinomish.policystat.com	1 redirects swinomish.policystat.com
3	adfs.swinomishcasino.com	adfs.swinomishcasino.com
1	bam.nr-data.net	swinomish.policystat.com js-agent.newrelic.com
1	js-agent.newrelic.com	swinomish.policystat.com
1	script.hotjar.com	static.hotjar.com
1	static.hotjar.com	d2zk9fgwitlpui.cloudfront.net
20	7

This site contains no links.

Subject Issuer	Validity	Valid
*.policystat.com Amazon RSA 2048 M03	`2023-11-16` - `2024-12-13`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2023-10-10` - `2024-09-19`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M03	`2024-02-07` - `2025-03-08`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1	`2024-01-15` - `2025-02-15`	a year	crt.sh
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2024-10-01`	a year	crt.sh
*.swinomishcasino.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-28` - `2024-02-28`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://adfs.swinomishcasino.com/adfs/ls/
Frame ID: A1E433B3B7FDA8400B7233A6B1022F3C
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sign In

Page URL History Show full URLs

https://swinomish.policystat.com/home/?force_login_from_guest=1&utm_source=digest HTTP 302
https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest Page URL
https://adfs.swinomishcasino.com/adfs/ls/ Page URL

Detected technologies

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Page Statistics

20
Requests

85 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

8
IPs

1
Countries

1167 kB
Transfer

4012 kB
Size

5
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://swinomish.policystat.com/home/?force_login_from_guest=1&utm_source=digest HTTP 302
https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest Page URL
https://adfs.swinomishcasino.com/adfs/ls/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://swinomish.policystat.com/home/?force_login_from_guest=1&utm_source=digest HTTP 302
https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest

20 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
swinomish.policystat.com/
Redirect Chain

https://swinomish.policystat.com/home/?force_login_from_guest=1&utm_source=digest
https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest

51 KB
21 KB

125ms
124ms

Document
text/html

52.23.109.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.109.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-109-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

b0e62272de041e3287c6524578a92a5b3aa8939f50454417e3d54996ad064878

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, private, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 20507
Content-Security-Policy-Report-Only: font-src https://d2zk9fgwitlpui.cloudfront.net/; connect-src 'self'; script-src 'unsafe-inline' https:; form-action 'self'; object-src 'none'; report-to csp-endpoint; style-src 'unsafe-inline' https:; base-uri 'none'; default-src 'none'; img-src https: http: data:; report-uri /authorization/csp/
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Feb 2024 18:07:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group": "csp-endpoint", "max_age": 86400, "endpoints": [{"url": "https://swinomish.policystat.com/authorization/csp/"}]}
Reporting-Endpoints: csp-endpoint=https://swinomish.policystat.com/authorization/csp/
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding Cookie
X-Content-Type-Options: nosniff

Redirect headers

Cache-Control: no-store, no-cache, private, must-revalidate
Connection: keep-alive
Content-Length: 0
Content-Security-Policy-Report-Only: script-src 'unsafe-inline' https:; default-src 'none'; form-action 'self'; style-src 'unsafe-inline' https:; base-uri 'none'; img-src https: http: data:; font-src https://d2zk9fgwitlpui.cloudfront.net/; report-to csp-endpoint; connect-src 'self'; object-src 'none'; report-uri /authorization/csp/
Content-Type: text/html; charset=utf-8
Date: Thu, 22 Feb 2024 18:07:47 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: /?force_login_from_guest=1&utm_source=digest
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group": "csp-endpoint", "max_age": 86400, "endpoints": [{"url": "https://swinomish.policystat.com/authorization/csp/"}]}
Reporting-Endpoints: csp-endpoint=https://swinomish.policystat.com/authorization/csp/
Server: nginx
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Cookie
X-Content-Type-Options: nosniff

GET
H2 200 2.0e738869.chunk.css
d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/css/ 22 KB
3 KB 133ms
37ms Stylesheet
text/css 108.139.38.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/css/2.0e738869.chunk.css
Requested by: Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 531c8ee147655f94c8ea53e331d87fd0055a801218e15922fc554099923276b7

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://swinomish.policystat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:17:10 GMT
content-encoding: gzip
via: 1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 19:14:47 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 67837
x-amz-server-side-encryption: AES256
etag: W/"7ff007f822bf53853595ba5a13a65011"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: 9WOPbholvHxLruc5hdkLjeRou_hUhz9CT69YfONCrXIItgRP2sPh9Q==

GET
H2 200 runtime~main.8d7940fe.js Show response
d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/js/ 3 KB
2 KB 269ms
174ms Script
application/javascript 108.139.38.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/js/runtime~main.8d7940fe.js
Requested by: Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 131deaafceaf35c2aac33a2bdc91a8e677c65d47e113aadce100f63ad3013902

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://swinomish.policystat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 22:32:23 GMT
content-encoding: gzip
via: 1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
last-modified: Tue, 20 Feb 2024 19:14:49 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 70525
x-amz-server-side-encryption: AES256
etag: W/"1c7cf9dcb43323e613bab13f4c2890db"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: WcH7rSE81spOE28_76AgXRyfa6TpGUOL9YyanUmSwPgFb0jEa5SpYg==

GET
H2 200 2.4b6c8821.chunk.js Show response
d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/js/ 2 MB
591 KB 154ms
59ms Script
application/javascript 108.139.38.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/js/2.4b6c8821.chunk.js
Requested by: Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3917cf599adf77de58f9673fc161ba8f76c4884a45f416c6fb9d769655062eae

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://swinomish.policystat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 23:54:46 GMT
content-encoding: gzip
via: 1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
last-modified: Wed, 21 Feb 2024 01:01:48 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 65582
etag: W/"a3a39b192ffc74b374189f39b96a5756"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: 5Yx3jc72a2J9TO5GFmt-z2MZbPdfXlDzci8FEiCJRCYNxlbppjqQGA==

GET
H2 200 main.43bd6020.chunk.js Show response
d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/js/ 1 MB
272 KB 256ms
161ms Script
application/javascript 108.139.38.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/js/main.43bd6020.chunk.js
Requested by: Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c33f87adb4d6e313036eec66b4984fbe07151d13be6387ecd86ae3925ca9d4f4

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://swinomish.policystat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 01:12:46 GMT
content-encoding: gzip
via: 1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
last-modified: Wed, 21 Feb 2024 01:01:48 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 60902
etag: W/"4c4b3b114b02bb509505ca192eb1bc70"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: qgtF31DjZ83pVXcF4HPfeDu0fDFxScR0zZXIK0LdfXrrL6UMNRkZ8w==

GET
H2 200 hotjar-1312776.js Show response
static.hotjar.com/c/ 12 KB
5 KB 160ms
47ms Script
application/javascript 108.138.106.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1312776.js?sv=6

Requested by

Host: d2zk9fgwitlpui.cloudfront.net
URL: https://d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/js/main.43bd6020.chunk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.138.106.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-138-106-126.jfk50.r.cloudfront.net

Software

Resource Hash

6ef6a5eae99c8f0531c345eaa6dc1162abd39a21e3b3960ec7f1ad254caead2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://swinomish.policystat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 18:06:54 GMT
via: 1.1 67b919f32fa9ff0607f0c0df49f2c116.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P3
age: 57
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/7bf689c434252db51e8ec1d47252b958
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: -YcEosk_CgAuKccIG1eYHngk8T33tX4gfaMGHNYxtE_B6AU-DZCr4Q==

POST
H/1.1 200
OK / Show response
swinomish.policystat.com/graphql/ 3 KB
5 KB 125ms
125ms Fetch
application/json 52.23.109.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://swinomish.policystat.com/graphql/

Requested by

Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.109.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-109-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

d80e385210f88c9dfed6ef8e8d595f479ab6ba3e2fc49c70d0bbbe960b636f95

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 22 Feb 2024 18:07:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
Content-Security-Policy-Report-Only: font-src https://d2zk9fgwitlpui.cloudfront.net/; connect-src 'self'; script-src 'unsafe-inline' https:; form-action 'self'; object-src 'none'; report-to csp-endpoint; style-src 'unsafe-inline' https:; base-uri 'none'; default-src 'none'; img-src https: http: data:; report-uri /authorization/csp/
Report-To: {"group": "csp-endpoint", "max_age": 86400, "endpoints": [{"url": "https://swinomish.policystat.com/authorization/csp/"}]}
Content-Type: application/json
Vary: Cookie, Origin
Cache-Control: no-store, no-cache, private, must-revalidate
X-Latest-Client-Version: 43bd6020
Connection: keep-alive
Content-Length: 3450
Reporting-Endpoints: csp-endpoint=https://swinomish.policystat.com/authorization/csp/
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
swinomish.policystat.com/graphql/ 7 KB
9 KB 129ms
129ms Fetch
application/json 52.23.109.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://swinomish.policystat.com/graphql/

Requested by

Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.109.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-109-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

8d23c8ebcf146f29d48f5fe4f2f5df228151f081aa27623edbf01fbec3cc883b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 22 Feb 2024 18:07:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
Content-Security-Policy-Report-Only: font-src https://d2zk9fgwitlpui.cloudfront.net/; script-src 'unsafe-inline' https:; base-uri 'none'; style-src 'unsafe-inline' https:; object-src 'none'; connect-src 'self'; img-src https: http: data:; form-action 'self'; default-src 'none'; report-to csp-endpoint; report-uri /authorization/csp/
Report-To: {"group": "csp-endpoint", "max_age": 86400, "endpoints": [{"url": "https://swinomish.policystat.com/authorization/csp/"}]}
Content-Type: application/json
Vary: Cookie, Origin
Cache-Control: no-store, no-cache, private, must-revalidate
X-Latest-Client-Version: 43bd6020
Connection: keep-alive
Content-Length: 7662
Reporting-Endpoints: csp-endpoint=https://swinomish.policystat.com/authorization/csp/
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
swinomish.policystat.com/graphql/ 185 B
1 KB 187ms
86ms Fetch
application/json 52.23.109.72
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://swinomish.policystat.com/graphql/

Requested by

Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.23.109.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-23-109-72.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f62e4a9aa752e04c2f26151493b0076c02eb3866225f6b057e81466bdb7c879d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
content-type: application/json

Response headers

Date: Thu, 22 Feb 2024 18:07:48 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Referrer-Policy: strict-origin-when-cross-origin
X-Content-Type-Options: nosniff
Server: nginx
Content-Security-Policy-Report-Only: base-uri 'none'; img-src https: http: data:; style-src 'unsafe-inline' https:; object-src 'none'; default-src 'none'; font-src https://d2zk9fgwitlpui.cloudfront.net/; script-src 'unsafe-inline' https:; form-action 'self'; connect-src 'self'; report-to csp-endpoint; report-uri /authorization/csp/
Report-To: {"group": "csp-endpoint", "max_age": 86400, "endpoints": [{"url": "https://swinomish.policystat.com/authorization/csp/"}]}
Content-Type: application/json
Vary: Cookie, Origin
Cache-Control: no-store, no-cache, private, must-revalidate
X-Latest-Client-Version: 43bd6020
Connection: keep-alive
Content-Length: 185
Reporting-Endpoints: csp-endpoint=https://swinomish.policystat.com/authorization/csp/
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 rldatix-policystat_logo.png
d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/img/ 12 KB
13 KB 62ms
61ms Image
image/png 108.139.38.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/img/rldatix-policystat_logo.png
Requested by: Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acfa4d20a8cbc8df055d2b905266e418f0f73b322d92888299039001f8904f40

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://swinomish.policystat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 03:40:06 GMT
via: 1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
last-modified: Wed, 21 Feb 2024 01:01:52 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 52063
x-amz-server-side-encryption: AES256
etag: "5635028d51d88c815a919383793b562e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 12732
x-amz-cf-id: eT18V4T6IongnVbq0Gm5SqCfnjcIk6DpYMKzRzWNwjCfED6uDFJCFw==

GET
H2 200 modules.3ba69200791f16077ba8.js Show response
script.hotjar.com/ 228 KB
55 KB 173ms
68ms Script
application/javascript 18.164.96.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.3ba69200791f16077ba8.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1312776.js?sv=6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.96.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-164-96-46.jfk50.r.cloudfront.net

Software

Resource Hash

c60a1c9a37989557aed8884899ddec28096d9624f4b43c602f9b335ae1db25cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://swinomish.policystat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Thu, 22 Feb 2024 11:39:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 c4d0da6268789cfda9bb5da1f3f8fc58.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK50-P5
age: 23322
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 56245
last-modified: Thu, 22 Feb 2024 11:38:42 GMT
etag: "35c74e10d354e1166c41fd72674e0488"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: xhyIHDgtEGCgo-vXS9AlcEc1brIJLA-W1UJckbX_7xlYuM2uReBHig==

GET
H2 200 Swinomish_Casino_header.png
d2zk9fgwitlpui.cloudfront.net/document_settings/swinomish/header/1657635536/ 16 KB
16 KB 37ms
37ms Image
image/png 108.139.38.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2zk9fgwitlpui.cloudfront.net/document_settings/swinomish/header/1657635536/Swinomish_Casino_header.png
Requested by: Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.38.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-38-24.jfk50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 73572f1d29e42a94ed4e3113cbca8988b40dc7eac65b6382b2a881738beda940

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://swinomish.policystat.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

date: Wed, 21 Feb 2024 22:02:01 GMT
via: 1.1 d50d90bbddca57e02d6288d86c88470a.cloudfront.net (CloudFront)
last-modified: Tue, 12 Jul 2022 14:18:57 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P2
age: 72348
etag: "7e9028ec2fea44fb6e5aacc48598401f"
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 16015
x-amz-cf-id: kpKyPjaxW4KGX9qDkebazaj12M5pgGM9xbmT7oQyjiesE0IhUOoubg==

GET
H2 200 nr-full-1.252.0.min.js Show response
js-agent.newrelic.com/ 74 KB
25 KB 98ms
25ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js-agent.newrelic.com/nr-full-1.252.0.min.js

Requested by

Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.137 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7c25418cce4867b47376766823ff8aeb5d0ebf46cb986d7c10cd6ad38ad65004

Security Headers

Name	Value
Strict-Transport-Security	max-age=300

Request headers

Referer: https://swinomish.policystat.com/
Origin: https://swinomish.policystat.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

x-amz-version-id: erpQAsDFxG_6aM4W2oXrEE2UTrC4hTVP
content-encoding: br
via: 1.1 varnish
date: Thu, 22 Feb 2024 18:07:48 GMT
strict-transport-security: max-age=300
x-amz-request-id: R8HJMF21MNY98GWD
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 24959
x-amz-id-2: V8yEkObfHfwD2VfcmH7vg+oduhZnwqKnLxMeDe5s4ib7TWv0M2x3BR5ylghSHqvBFhUl6XCL9SE=
x-served-by: cache-yyz4541-YYZ
last-modified: Tue, 13 Feb 2024 00:41:07 GMT
server: AmazonS3
x-timer: S1708625269.977374,VS0,VE0
etag: "2f8ac62328d6fa35d0edb414cf141d02"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=86400, stale-if-error=86400
accept-ranges: bytes
x-cache-hits: 81532

POST
H/1.1 200 5822847fd5 Show response
bam.nr-data.net/1/ 40 B
404 B 152ms
97ms XHR
text/plain 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=1682&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0&af=err,xhr,stn,ins&ap=47&be=436&fe=1105&dc=687&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1708625267355,%22n%22:0,%22r%22:0,%22re%22:311,%22f%22:311,%22dn%22:311,%22dne%22:311,%22c%22:311,%22s%22:311,%22ce%22:311,%22rq%22:312,%22rp%22:436,%22rpe%22:439,%22di%22:1122,%22ds%22:1122,%22de%22:1123,%22dc%22:1539,%22l%22:1539,%22le%22:1541%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1100&fcp=1100
Requested by: Host: swinomish.policystat.com
URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b5b1b39cb4bb3f74c125d87f24c7db43e7e65d14c2184e74d77b7857c2785ede

Request headers

Referer: https://swinomish.policystat.com/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
content-type: text/plain

Response headers

date: Thu, 22 Feb 2024 18:07:49 GMT
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
content-type: text/plain
access-control-allow-origin: https://swinomish.policystat.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 40
x-served-by: cache-yyz4533-YYZ

POST
H2 200 Primary Request / Show response
adfs.swinomishcasino.com/adfs/ls/ 22 KB
24 KB 1839ms
148ms Document
text/html 66.114.36.220
POGOZONE-OA

General

Check archive.org

Show headers Download Go to

Full URL

https://adfs.swinomishcasino.com/adfs/ls/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.114.36.220 Ferndale, United States, ASN13831 (POGOZONE-OA, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

ba0f423081eef2645e1ecf33051bb017f6d6306491d2b00ea4cb4ef219fd97ca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://swinomish.policystat.com
Referer: https://swinomish.policystat.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: no-cache,no-store
content-length: 22916
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
content-type: text/html; charset=utf-8
date: Thu, 22 Feb 2024 18:07:50 GMT
expires: -1
p3p: ADFS doesn't have P3P policy, please contact your site's admin for more details
pragma: no-cache
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
strict-transport-security: max-age = 31536000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

POST 5822847fd5
bam.nr-data.net/events/1/ 0
0

POST 5822847fd5
bam.nr-data.net/jserrors/1/ 0
0

GET
H2 200 style.css
adfs.swinomishcasino.com/adfs/portal/css/ 10 KB
10 KB 108ms
105ms Stylesheet
text/css 66.114.36.220
POGOZONE-OA

General

Check archive.org

Show headers Download Go to

Full URL

https://adfs.swinomishcasino.com/adfs/portal/css/style.css?id=3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151

Requested by

Host: adfs.swinomishcasino.com
URL: https://adfs.swinomishcasino.com/adfs/ls/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.114.36.220 Ferndale, United States, ASN13831 (POGOZONE-OA, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

3b1a0c704cdae8ecd48aa8f0d50409d981cef21d7ae6dc85b0797d270101b151

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://adfs.swinomishcasino.com/adfs/ls/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age = 31536000
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 18:07:50 GMT
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
etag: 3B1A0C704CDAE8ECD48AA8F0D50409D981CEF21D7AE6DC85B0797D270101B151
content-type: text/css
content-length: 10462
x-xss-protection: 1; mode=block
expires: Sat, 23 Mar 2024 17:07:51 GMT

GET
H2 200 illustration.png
adfs.swinomishcasino.com/adfs/portal/illustration/ 114 KB
114 KB 111ms
111ms Image
image/png 66.114.36.220
POGOZONE-OA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adfs.swinomishcasino.com/adfs/portal/illustration/illustration.png?id=183128A3C941EDE3D9199FA37D6AA90E0A7DFE101B37D10B4FEDA0CF35E11AFD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

66.114.36.220 Ferndale, United States, ASN13831 (POGOZONE-OA, US),

Reverse DNS

Software

Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0 /

Resource Hash

183128a3c941ede3d9199fa37d6aa90e0a7dfe101b37d10b4feda0cf35e11afd

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
Strict-Transport-Security	max-age = 31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://adfs.swinomishcasino.com/adfs/ls/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.57 Safari/537.36

Response headers

strict-transport-security: max-age = 31536000
content-security-policy: default-src 'self' 'unsafe-inline' 'unsafe-eval'; img-src 'self' data:;
x-content-type-options: nosniff
date: Thu, 22 Feb 2024 18:07:50 GMT
server: Microsoft-HTTPAPI/2.0 Microsoft-HTTPAPI/2.0
etag: 183128A3C941EDE3D9199FA37D6AA90E0A7DFE101B37D10B4FEDA0CF35E11AFD
content-type: image/png
content-length: 116699
x-xss-protection: 1; mode=block
expires: Sat, 23 Mar 2024 17:07:51 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=4285&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/events/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=4286&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0

Domain: bam.nr-data.net
URL: https://bam.nr-data.net/jserrors/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=4291&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
adfs.swinomishcasino.com/adfs	1969-12-31 23:59:59	Name: MSISSamlRequest Value: QmFzZVVybD1odHRwcyUzYSUyZiUyZmFkZnMuc3dpbm9taXNoY2FzaW5vLmNvbSUzYTQ0MyUyZmFkZnMlMmZscyUyZlxTQU1MUmVxdWVzdD1QRzV6TURwQmRYUm9ibEpsY1hWbGMzUWdlRzFzYm5NNmJuTXdQU0oxY200NmIyRnphWE02Ym1GdFpYTTZkR002VTBGTlREb3lMakE2Y0hKdmRHOWpiMndpSUhodGJHNXpPbTV6TVQwaWRYSnVPbTloYzJsek9tNWhiV1Z6T25Sak9sTkJUVXc2TWk0d09tRnpjMlZ5ZEdsdmJpSWdRWE56WlhKMGFXOXVRMjl1YzNWdFpYSlRaWEoyYVdObFZWSk1QU0pvZEhSd2N6b3ZMM04zYVc1dmJXbHphQzV3YjJ4cFkzbHpkR0YwTG1OdmJTOXpZVzFzTWk5aFkzTXZJaUJFWlhOMGFXNWhkR2x2YmowaWFIUjBjSE02THk5aFpHWnpMbk4zYVc1dmJXbHphR05oYzJsdWJ5NWpiMjB2WVdSbWN5OXNjeThpSUVsRVBTSnBaQzAwYVZWYVprbHFiek5RUVRGb2JIWXpNaUlnU1hOemRXVkpibk4wWVc1MFBTSXlNREkwTFRBeUxUSXlWREU0T2pBM09qUTRXaUlnVUhKdmRHOWpiMnhDYVc1a2FXNW5QU0oxY200NmIyRnphWE02Ym1GdFpYTTZkR002VTBGTlREb3lMakE2WW1sdVpHbHVaM002U0ZSVVVDMVFUMU5VSWlCV1pYSnphVzl1UFNJeUxqQWlQanh1Y3pFNlNYTnpkV1Z5SUVadmNtMWhkRDBpZFhKdU9tOWhjMmx6T201aGJXVnpPblJqT2xOQlRVdzZNaTR3T201aGJXVnBaQzFtYjNKdFlYUTZaVzUwYVhSNUlqNW9kSFJ3Y3pvdkwzTjNhVzV2YldsemFDNXdiMnhwWTNsemRHRjBMbU52YlM5ellXMXNNaTl0WlhSaFpHRjBZUzg4TDI1ek1UcEpjM04xWlhJJTJiUEc1ek1EcE9ZVzFsU1VSUWIyeHBZM2tnUVd4c2IzZERjbVZoZEdVOUltWmhiSE5sSWlCR2IzSnRZWFE5SW5WeWJqcHZZWE5wY3pwdVlXMWxjenAwWXpwVFFVMU1PakV1TVRwdVlXMWxhV1F0Wm05eWJXRjBPblZ1YzNCbFkybG1hV1ZrSWlBdlBqd3Zibk13T2tGMWRHaHVVbVZ4ZFdWemRENCUzZFxQcm90b2NvbEJpbmRpbmc9dXJuJTNhb2FzaXMlM2FuYW1lcyUzYXRjJTNhU0FNTCUzYTIuMCUzYWJpbmRpbmdzJTNhSFRUUC1QT1NU
.policystat.com/	1969-12-31 23:59:59	Name: sessionid Value: 3i5ettdxim8iuc1sixdny2aei027b9k9
.policystat.com/	1970-01-21 03:21:14	Name: csrftoken Value: vB66iKcsZSl2OopmlhOUnXbpr1WMWkCRYGahdrM6TKEocm0xuALO2riHAm5v4Mce
.policystat.com/	1970-01-21 03:22:41	Name: _hjSessionUser_1312776 Value: eyJpZCI6ImYzZWFkZWIzLTY4ZDMtNTlmNy1iZGY2LWZhYjNiZTdhYTRhMCIsImNyZWF0ZWQiOjE3MDg2MjUyNjg4NzcsImV4aXN0aW5nIjp0cnVlfQ==
.policystat.com/	1970-01-20 18:37:07	Name: _hjSession_1312776 Value: eyJpZCI6IjdjYTRhMmNmLTQ4ZTAtNDBiMS05NTJhLTg2NDc0M2I5ZjRkMCIsImMiOjE3MDg2MjUyNjg4NzgsInMiOjEsInIiOjAsInNiIjowLCJzciI6MCwic2UiOjAsImZzIjoxLCJzcCI6MH0=

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://d2zk9fgwitlpui.cloudfront.net/site_media/anywhere/static/js/2.4b6c8821.chunk.js Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'unsafe-inline' https:".
security	error	URL: https://swinomish.policystat.com/?force_login_from_guest=1&utm_source=digest(Line 18) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=1682&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0&af=err,xhr,stn,ins&ap=47&be=436&fe=1105&dc=687&fsh=1&perf=%7B%22timing%22:%7B%22of%22:1708625267355,%22n%22:0,%22r%22:0,%22re%22:311,%22f%22:311,%22dn%22:311,%22dne%22:311,%22c%22:311,%22s%22:311,%22ce%22:311,%22rq%22:312,%22rp%22:436,%22rpe%22:439,%22di%22:1122,%22ds%22:1122,%22de%22:1123,%22dc%22:1539,%22l%22:1539,%22le%22:1541%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&fp=1100&fcp=1100' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://d2zk9fgwitlpui.cloudfront.net/ Message: [Report Only] Refused to send form data to 'https://adfs.swinomishcasino.com/adfs/ls/' because it violates the following Content Security Policy directive: "form-action 'self'".
security	error	URL: https://js-agent.newrelic.com/nr-full-1.252.0.min.js(Line 1) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=4285&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://js-agent.newrelic.com/nr-full-1.252.0.min.js(Line 1) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=4285&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://js-agent.newrelic.com/nr-full-1.252.0.min.js(Line 1) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=4286&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://js-agent.newrelic.com/nr-full-1.252.0.min.js(Line 1) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/events/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=4286&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://js-agent.newrelic.com/nr-full-1.252.0.min.js(Line 1) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/jserrors/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=4291&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self'".
security	error	URL: https://js-agent.newrelic.com/nr-full-1.252.0.min.js(Line 1) Message: [Report Only] Refused to connect to 'https://bam.nr-data.net/jserrors/1/5822847fd5?a=402046&v=1.252.0&to=Zl1SZEFUD0YDVExYXl8XdkVdVhVcDVkXQUJFWUQeUlsYQgpSSlQfR1FVR0APMWYjflZVVEluWVVEGwZQFg%3D%3D&rst=4291&ck=0&s=46b3e4a0dcc18c08&ref=https://swinomish.policystat.com/&hr=0' because it violates the following Content Security Policy directive: "connect-src 'self'".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adfs.swinomishcasino.com
bam.nr-data.net
d2zk9fgwitlpui.cloudfront.net
js-agent.newrelic.com
script.hotjar.com
static.hotjar.com
swinomish.policystat.com
bam.nr-data.net
108.138.106.126
108.139.38.24
151.101.130.137
162.247.243.29
18.164.96.46
52.23.109.72
66.114.36.220
131deaafceaf35c2aac33a2bdc91a8e677c65d47e113aadce100f63ad3013902
183128a3c941ede3d9199fa37d6aa90e0a7dfe101b37d10b4feda0cf35e11afd
3917cf599adf77de58f9673fc161ba8f76c4884a45f416c6fb9d769655062eae
3b1a0c704cdae8ecd48aa8f0d50409d981cef21d7ae6dc85b0797d270101b151
531c8ee147655f94c8ea53e331d87fd0055a801218e15922fc554099923276b7
6ef6a5eae99c8f0531c345eaa6dc1162abd39a21e3b3960ec7f1ad254caead2e
73572f1d29e42a94ed4e3113cbca8988b40dc7eac65b6382b2a881738beda940
7c25418cce4867b47376766823ff8aeb5d0ebf46cb986d7c10cd6ad38ad65004
8d23c8ebcf146f29d48f5fe4f2f5df228151f081aa27623edbf01fbec3cc883b
acfa4d20a8cbc8df055d2b905266e418f0f73b322d92888299039001f8904f40
b0e62272de041e3287c6524578a92a5b3aa8939f50454417e3d54996ad064878
b5b1b39cb4bb3f74c125d87f24c7db43e7e65d14c2184e74d77b7857c2785ede
ba0f423081eef2645e1ecf33051bb017f6d6306491d2b00ea4cb4ef219fd97ca
c33f87adb4d6e313036eec66b4984fbe07151d13be6387ecd86ae3925ca9d4f4
c60a1c9a37989557aed8884899ddec28096d9624f4b43c602f9b335ae1db25cf
d80e385210f88c9dfed6ef8e8d595f479ab6ba3e2fc49c70d0bbbe960b636f95
f62e4a9aa752e04c2f26151493b0076c02eb3866225f6b057e81466bdb7c879d

adfs.swinomishcasino.com Open in urlscan Pro 66.114.36.220 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

20 Requests

85 %HTTPS

0 %IPv6

6 Domains

7 Subdomains

8 IPs

1 Countries

1167 kBTransfer

4012 kBSize

5 Cookies

0 Outgoing links

Page URL History

Redirected requests

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

11 JavaScript Global Variables

5 Cookies

9 Console Messages

Security Headers

Indicators

adfs.swinomishcasino.com Open in urlscan Pro
66.114.36.220 Public Scan

Screenshot
Live screenshot

Full Image

20
Requests

85 %
HTTPS

0 %
IPv6

6
Domains

7
Subdomains

8
IPs

1
Countries

1167 kB
Transfer

4012 kB
Size

5
Cookies

20 HTTP transactions
0 data transactions