![](/screenshots/94d026de-f1d7-49d8-94ee-a087f40238b3.png)
www.casino.org
Open in
urlscan Pro
104.16.223.55
Public Scan
Effective URL: https://www.casino.org/news/star-entertainment-inquiry-refutes-claims-made-by-board-regarding-junket-partnerships/
Submission: On July 14 via api from US — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 12th 2022. Valid for: a year.
This is the only time www.casino.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 31 | 104.16.223.55 104.16.223.55 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:440... 2606:4700:440e::ac40:9c1a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 198.145.13.11 198.145.13.11 | 2044 (DF-PTL01) (DF-PTL01) | |
3 | 34.249.106.217 34.249.106.217 | 16509 (AMAZON-02) (AMAZON-02) | |
2 | 2a02:26f0:480... 2a02:26f0:480:287::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 52.31.107.150 52.31.107.150 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 15.188.95.229 15.188.95.229 | 16509 (AMAZON-02) (AMAZON-02) | |
39 | 6 |
ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-106-217.eu-west-1.compute.amazonaws.com
dpm.demdex.net | |
tri.demdex.net |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-107-150.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
tribe.sc.omtrdc.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
33 |
casino.org
1 redirects
www.casino.org — Cisco Umbrella Rank: 252037 sa.casino.org — Cisco Umbrella Rank: 480796 |
883 KB |
3 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 213 tri.demdex.net — Cisco Umbrella Rank: 245925 |
5 KB |
2 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 432 |
14 KB |
1 |
omtrdc.net
tribe.sc.omtrdc.net — Cisco Umbrella Rank: 466217 |
395 B |
1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 971 |
517 B |
1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1393 |
5 KB |
39 | 6 |
Domain | Requested by | |
---|---|---|
31 | www.casino.org |
1 redirects
www.casino.org
static.cloudflareinsights.com |
2 | assets.adobedtm.com |
www.casino.org
|
2 | dpm.demdex.net |
www.casino.org
|
2 | sa.casino.org |
www.casino.org
sa.casino.org |
1 | tribe.sc.omtrdc.net | |
1 | cm.everesttech.net | 1 redirects |
1 | tri.demdex.net |
www.casino.org
|
1 | static.cloudflareinsights.com |
www.casino.org
|
39 | 8 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
twitter.com |
www.linkedin.com |
www.youtube.com |
www.dmca.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
casino.org Cloudflare Inc ECC CA-3 |
2022-04-12 - 2023-04-12 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-11 - 2023-05-10 |
a year | crt.sh |
win.staticstuff.net Sectigo RSA Domain Validation Secure Server CA |
2022-03-02 - 2022-11-04 |
8 months | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-19 |
a year | crt.sh |
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-09-10 - 2022-09-10 |
a year | crt.sh |
*.sc.omtrdc.net DigiCert TLS Hybrid ECC SHA384 2020 CA1 |
2022-02-17 - 2023-03-07 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://www.casino.org/news/star-entertainment-inquiry-refutes-claims-made-by-board-regarding-junket-partnerships/
Frame ID: B53AE6D6DE0E9AE1A21C559AC73B454E
Requests: 38 HTTP requests in this frame
Frame:
https://tri.demdex.net/dest5.html?d_nsid=0
Frame ID: 41FB26486E605C4D778A09520CA6BCA2
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/94d026de-f1d7-49d8-94ee-a087f40238b3.png)
Page Title
Star Entertainment Inquiry Refutes Claims Made by Board Regarding Junket Partnerships - Casino.orgStar Entertainment Inquiry Refutes Claims Made by Board Regarding Junket Partnerships - Casino.orgPage URL History Show full URLs
-
http://www.casino.org/news/star-entertainment-inquiry-refutes-claims-made-by-board-regarding-junke...
HTTP 301
https://www.casino.org/news/star-entertainment-inquiry-refutes-claims-made-by-board-regarding-junke... Page URL
Detected technologies
Detected patterns
- /wp-(?:content|includes)/
- wp-embed\.min\.js\?ver=([\d.]+)
![](/vendor/wappa/icons/Yoast SEO.png)
Detected patterns
- <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: <img src="https://www.casino.org/news/dist/images/global/footer/logo--dmca.png" alt="DMCA.com Protection Status" width="67" height="24">
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.casino.org/news/star-entertainment-inquiry-refutes-claims-made-by-board-regarding-junket-partnerships/
HTTP 301
https://www.casino.org/news/star-entertainment-inquiry-refutes-claims-made-by-board-regarding-junket-partnerships/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 35- https://cm.everesttech.net/cm/dd?d_uuid=03862045137717348930425596133584128207 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=Ys-XhQAAADZpZAOY
39 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.casino.org/news/star-entertainment-inquiry-refutes-claims-made-by-board-regarding-junket-partnerships/ Redirect Chain
|
173 KB 26 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
20f5a013.woff
www.casino.org/news/dist/fonts/ |
22 KB 22 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
82aca7bc.woff2
www.casino.org/news/dist/fonts/ |
18 KB 18 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
878a08a6.woff
www.casino.org/news/dist/fonts/ |
22 KB 22 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
d55c14f8.woff2
www.casino.org/news/dist/fonts/ |
17 KB 17 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
WP-Hendrix-Theme-ATF.adea77bad2e8ef7089ef.js
www.casino.org/news/dist/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
WP-Hendrix-Theme--cookies.d0d7e781760132abfbd7.js
www.casino.org/news/dist/ |
1 KB 982 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
logo-casino-org-25years-no-trademark.svg
www.casino.org/news/dist/images/global/logo/25year/ |
13 KB 5 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Mugshot.png
www.casino.org/news/wp-content/uploads/2021/12/ |
460 KB 461 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Star-Entertainment-Daily-Telegraph-142x80.jpg
www.casino.org/news/wp-content/uploads/2022/06/ |
4 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Star-Entertainment-CasinoBeats-150x150.jpg
www.casino.org/news/wp-content/uploads/2022/06/ |
8 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Star-Sydney-150x150.jpg
www.casino.org/news/wp-content/uploads/2022/05/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Star-Entertainment-150x150.jpg
www.casino.org/news/wp-content/uploads/2022/04/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Star-Entertainment-bosses-150x150.jpg
www.casino.org/news/wp-content/uploads/2022/05/ |
5 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Star-Sydney-profile-poker.org_-150x150.jpg
www.casino.org/news/wp-content/uploads/2022/04/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
transparent_3x2.gif
www.casino.org/news/dist/images/common/ |
34 B 442 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-embed.min.js
www.casino.org/news/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
form.js
www.casino.org/news/wp-content/plugins/akismet/_inc/ |
700 B 598 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
vendors.0b708ecc24b2b4a9013b.js
www.casino.org/news/dist/ |
18 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
WP-Hendrix-Theme-global.4ac883319c6af60f07e4.js
www.casino.org/news/dist/ |
80 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
adobe.61e20870a49b9fcc1e0f.js
www.casino.org/news/dist/ |
36 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v652eace1692a40cfa3763df669d7439c1639079717194
static.cloudflareinsights.com/beacon.min.js/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
918af6ca.woff2
www.casino.org/news/dist/fonts/ |
4 KB 4 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
WP-Hendrix-Theme-global.4ac883319c6af60f07e4.css
www.casino.org/news/dist/ |
31 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
sa.casino.org/ |
14 KB 5 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
custom-data.js
www.casino.org/ |
97 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
wp-news-stocks.json
www.casino.org/Sources/api/stocks-ticker/ |
5 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Star-Entertainment-Daily-Telegraph.jpg
www.casino.org/news/wp-content/uploads/2022/06/ |
146 KB 147 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
16387795_web1_webSTRIP-PURCHASE-APRXX-22-BT06-120x120.jpg
www.casino.org/news/wp-content/uploads/2022/07/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Downtown_LA_aerial_crop-120x120.jpg
www.casino.org/news/wp-content/uploads/2022/07/ |
5 KB 5 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
RRR-120x120.jpg
www.casino.org/news/wp-content/uploads/2022/07/ |
6 KB 7 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
362 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
rum
www.casino.org/cdn-cgi/ |
0 166 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
tri.demdex.net/ Frame 41FB |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=Ys-XhQAAADZpZAOY
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s84472870682869
tribe.sc.omtrdc.net/b/ss/tribecasinoorg.test/1/JS-2.22.0-LBWB/ |
43 B 395 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in.php
sa.casino.org/ |
212 B 395 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
51 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| _wp_rp_static_base_url string| _wp_rp_wp_ajax_url string| _wp_rp_plugin_version string| _wp_rp_post_id string| _wp_rp_num_rel_posts boolean| _wp_rp_thumbnails string| _wp_rp_post_title object| _wp_rp_post_tags boolean| _wp_rp_promoted_content object| wp object| webpackChunkCORG_WP function| loadCSS object| sa_custom object| sa_site_ids object| adobeTags object| ak_js object| commentForm undefined| replyRowContainer undefined| children object| lazySizes object| __cfBeacon object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq object| s object| _wq object| sa_obj object| sa undefined| test object| _cgen object| _cgen_custom object| s_i_tribecasinoorg.test string| _heatmaps_g2g_2323759 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.casino.org/ | Name: cookies_consent Value: 1 |
|
.demdex.net/ | Name: demdex Value: 03862045137717348930425596133584128207 |
|
.casino.org/ | Name: AMCVS_9CE579FD5DCD8B590A495E09%40AdobeOrg Value: 1 |
|
.casino.org/ | Name: s_cc Value: true |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~Ys-XhQAAADZpZAOY |
|
.casino.org/ | Name: _jsuid Value: 45625414 |
|
.casino.org/ | Name: _heatmaps_g2g_232375 Value: no |
|
.dpm.demdex.net/ | Name: dpm Value: 03862045137717348930425596133584128207 |
|
.casino.org/ | Name: AMCV_9CE579FD5DCD8B590A495E09%40AdobeOrg Value: -637568504%7CMCIDTS%7C19188%7CMCMID%7C08921707367494160640924846607318974754%7CMCAAMLH-1658393093%7C6%7CMCAAMB-1658393093%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1657795493s%7CNONE%7CMCSYNCSOP%7C411-19195%7CvVersion%7C5.1.1 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
cm.everesttech.net
dpm.demdex.net
sa.casino.org
static.cloudflareinsights.com
tri.demdex.net
tribe.sc.omtrdc.net
www.casino.org
104.16.223.55
15.188.95.229
198.145.13.11
2606:4700:440e::ac40:9c1a
2a02:26f0:480:287::1e80
34.249.106.217
52.31.107.150
01f2e6396841f3ff3ac045bf068789d3606ea9857ebc1582fee1ad256b8fbf3a
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0515cbd1f8aee97e1c8e0d1d015ca96c86def13e90d2e73bf813072ccc23d531
06b174d7336bf5bfd65570087b74363e581f4b72fe2cf625d2a475a94fa6ace1
117772846a512eaca5f24a1eb71641f91919aa0ff34a1200ba83f836389be7ae
1a60331c6fb3a2eef23e7c1e44f7ee6bf41f4f2f96b99757d8bc845b3a807b7d
1cc4f14202c58b49f25a56e5252c48dd835f7b83b4df7c7edc97298ef9adaf10
2074a6e659de6fe1a5d7b26938b89db65e712cc98ba95729e95f68106962718a
2ac23279590f18f4577084e3b030600ff80e7d4eaea2a52a9237579f3842f985
2b6e947b68f01e26f3ed34e06dd70b619fa6bdb8418dcff30f5c269e1a958ce3
2d57a5ccaf7a186940cb92c651c224db71c9270c3b638197a6f12c8df2ba43b6
4d5e750aef9486fb46a3524d59fcd4716e5222ee39b50d50d4b157e3cacbdeb9
5138d39633dc69fcd0ed7f33a5e38dc339123f682fa7f5242066879c2bbc8c9b
554ea7074289eabd122e1170b16d12cc993e2a7816ff85c0761eec6240b14b93
6d8b3e2d80326b366bbfbae16202624b244d388b1f79d67793ad8771151349a4
75ed86c768c845cc72f5fc7e76549443b01e552ded506a1221d06a951a3c4495
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7daf47bc689d870797a7ebf25d200cca546c1416314f2e0128ccf13eb22f7e4b
83959c59e3ae51f7565c0f0232e1db3d6ceeea6f38843af3e8e532b900c93a4d
8533ee1ea912a7497487e9f5df333ce9e6fc5a95347303ede4756a146a26c733
89ee351f873503c495010c53fc4354d1888d51f44b855d71baf8dfa4538e6843
8e2256b7c466de77a38d832ebe4919baf1e620c3c529a3a3b168402253b1bca9
92943f758b306a9a185c604bb34067417ae925d47c0ab624840510f5dfcbd3fd
94f30d0d97152adf0a8ee7e4c2ed50d17d907886e00abe731ed35cf96bade619
9da00907c8d3f0f8b4474046da4ac90a44f66e6bf0f13b386bed9a35c83b0408
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
b12cc8ad152509ebd26405b267522784993dc8c217cd69381ba9606c35bcafff
b742dd461b0702ae217f8757161e4d4ee8d7b350a0ec1caf001e16d8a6de55a2
bc57099c1b9586edab7094a8574eca83fe6e4a17d10e3b6be9cca901c61c9278
be167f36782c6bd0f64d7e45f82790a810a86ceae51abc7302e6bc9b9c5ad698
bfe84b9cb05b61889180ea6908fddd971864123b57c2a745fd326ba6b87431eb
d67250bd6b1b4fef4426439d007bf38192055ce8b60ce88d58c59bcd9ecf0453
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed561c5d042d08481af8cb1d52ef6b0365ff6b982f17983cc0e0778c1611afc1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f074395814596f7487d57cdaf121cdf37b105e3df254333c77291c63b7ede30d
f744b8fd9c610dcf47f2da7546532e2530cea0d91e3a04e8d18633d1ff2f30a7
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505