cottagesofnorman.com
216.70.123.61
Public Scan
Effective URL: https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F...
Submission Tags: phishing malicious
Submission: On February 08 via api from US
Summary
TLS certificate: Issued by Starfield Secure Certificate Authorit... on March 26th 2020. Valid for: a year.
This is the only time cottagesofnorman.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN | PTR | Domain
---|---|---
ASN16509 (AMAZON-02, US) | ec2-34-210-132-119.us-west-2.compute.amazonaws.com | wc4.net
ASN13335 (CLOUDFLARENET, US) | | kit.fontawesome.com
 | | ka-p.fontawesome.com
ASN15169 (GOOGLE, US) | | www.googletagmanager.com
ASN15169 (GOOGLE, US) | 51.241.186.35.bc.googleusercontent.com | api-js.mixpanel.com
ASN15169 (GOOGLE, US) | fra24s06-in-f6.1e100.net | 6638292.fls.doubleclick.net
ASN15169 (GOOGLE, US) | fra24s08-in-f2.1e100.net | www.googleadservices.com
ASN16509 (AMAZON-02, US) | ec2-52-48-111-126.eu-west-1.compute.amazonaws.com | resources.xg4ken.com
ASN15169 (GOOGLE, US) | | www.google-analytics.com
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net
ASN16509 (AMAZON-02, US) | ec2-52-19-224-33.eu-west-1.compute.amazonaws.com | beacon.krxd.net
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
54 | cottagesofnorman.com | cottagesofnorman.com | 4 MB
5 | gstatic.com | fonts.gstatic.com | 46 KB
5 | krxd.net | cdn.krxd.net, consumer.krxd.net, beacon.krxd.net | 90 KB
4 | doubleclick.net (1 redirects) | 6638292.fls.doubleclick.net, googleads.g.doubleclick.net, stats.g.doubleclick.net | 3 KB
3 | entrata.com | commoncdn.entrata.com | 143 KB
2 | prospectportal.com | cottagesofnormanok.prospectportal.com |
2 | google-analytics.com | www.google-analytics.com | 19 KB
2 | googleapis.com | ajax.googleapis.com, fonts.googleapis.com | 8 KB
2 | fontawesome.com | kit.fontawesome.com, ka-p.fontawesome.com | 57 KB
1 | google.de | www.google.de | 552 B
1 | google.com | www.google.com | 337 B
1 | xg4ken.com | resources.xg4ken.com | 5 KB
1 | googleadservices.com | www.googleadservices.com | 13 KB
1 | mixpanel.com | api-js.mixpanel.com | 349 B
1 | mxpnl.com | cdn.mxpnl.com | 25 KB
1 | googletagmanager.com | www.googletagmanager.com | 37 KB
1 | wc4.net (1 redirects) | wc4.net | 307 B
85 | 17 | |
Requests | Domain | Requested by
---|---|---
54 | cottagesofnorman.com | cottagesofnorman.com
5 | fonts.gstatic.com | fonts.googleapis.com
3 | cdn.krxd.net | cottagesofnorman.com, cdn.krxd.net
3 | commoncdn.entrata.com | cottagesofnorman.com
2 | cottagesofnormanok.prospectportal.com | commoncdn.entrata.com
2 | www.google-analytics.com | cottagesofnorman.com, www.google-analytics.com
2 | 6638292.fls.doubleclick.net (1 redirects) | www.googletagmanager.com
1 | beacon.krxd.net | cdn.krxd.net
1 | consumer.krxd.net | cdn.krxd.net
1 | stats.g.doubleclick.net | www.google-analytics.com
1 | www.google.de | cottagesofnorman.com
1 | www.google.com | cottagesofnorman.com
1 | googleads.g.doubleclick.net | www.googleadservices.com
1 | fonts.googleapis.com | ajax.googleapis.com
1 | resources.xg4ken.com | cottagesofnorman.com
1 | www.googleadservices.com | www.googletagmanager.com
1 | api-js.mixpanel.com | cdn.mxpnl.com
1 | ka-p.fontawesome.com | kit.fontawesome.com
1 | cdn.mxpnl.com | cottagesofnorman.com
1 | www.googletagmanager.com | cottagesofnorman.com
1 | ajax.googleapis.com | cottagesofnorman.com
1 | kit.fontawesome.com | cottagesofnorman.com
1 | wc4.net (1 redirects) |
85 | 23 |
This site contains links to these domains. Also see Links.
Domain |
---|
cottagesofnormanok.residentportal.com |
thesciongroup.com |
www.facebook.com |
www.instagram.com |
Subject | Issuer | Validity | Valid
---|---|---|---
cottagesofnorman.com | Starfield Secure Certificate Authority - G2 | 2020-03-26 - 2021-03-26 | a year
*.fontawesome.com | DigiCert TLS RSA SHA256 2020 CA1 | 2020-11-13 - 2021-12-14 | a year
upload.video.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.entrata.com | DigiCert SHA2 Secure Server CA | 2020-04-29 - 2022-07-15 | 2 years
*.google-analytics.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.mxpnl.com | RapidSSL RSA CA 2018 | 2019-07-29 - 2021-07-28 | 2 years
*.mixpanel.com | GeoTrust RSA CA 2018 | 2020-04-20 - 2022-04-21 | 2 years
*.doubleclick.net | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
www.googleadservices.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
cdn.krxd.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2021-02-08 - 2022-02-07 | a year
*.xg4ken.com | Go Daddy Secure Certificate Authority - G2 | 2020-09-14 - 2021-10-16 | a year
*.gstatic.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.g.doubleclick.net | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
*.prospectportal.com | Go Daddy Secure Certificate Authority - G2 | 2019-08-05 - 2021-10-04 | 2 years
www.google.com | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
www.google.de | GTS CA 1O1 | 2021-01-19 - 2021-04-13 | 3 months
consumer.krxd.net | DigiCert SHA2 Secure Server CA | 2020-09-14 - 2021-09-14 | a year
beacon.krxd.net | DigiCert TLS RSA SHA256 2020 CA1 | 2021-01-13 - 2022-01-07 | a year
This page contains 5 frames:
Primary Page:
https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048
Frame ID: 2EB654ACE3D9DBD2DA39AE71A483731A
Requests: 81 HTTP requests in this frame
Frame:
https://6638292.fls.doubleclick.net/activityi;dc_pre=CN27q8Ce2-4CFeKB7QodeQsISg;src=6638292;type=rt3ds0;cat=cotta00;ord=1;num=319913174547;gtm=2wg1r0;auiddc=1961098349.1612819947;~oref=https%3A%2F%2Fcottagesofnorman.com%2Fgallery%2F%3Futm_source%3DWhatCounts%26utm_medium%3DEmail%26_wcsid%3DAFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048
Frame ID: 3258142AC052FB287BC77035FA700EC2
Requests: 1 HTTP requests in this frame
Frame:
https://cottagesofnormanok.prospectportal.com/?module=contact_button&action=contact_button&origin=cottagesofnorman.com&events_url=https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048&is_responsive_snippet=1&snippet_type=contact_button&time_zone=Europe/Berlin
Frame ID: 4EF850EC8C792F282B84FA8782BC1B96
Requests: 1 HTTP requests in this frame
Frame:
https://cottagesofnormanok.prospectportal.com/?module=contact_button&action=popup&origin=cottagesofnorman.com&events_url=https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048&is_responsive_snippet=1&snippet_type=contact_button&time_zone=Europe/Berlin
Frame ID: D36464146C0F19D979209193546CB483
Requests: 1 HTTP requests in this frame
Frame:
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 29AFF87359CE70C28808C5397F71AA1B
Requests: 1 HTTP requests in this frame
Detected technologies
WordPress (CMS)
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
PHP (Programming Languages)
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
MySQL (Databases)
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
- meta generator /^WordPress ?([\d.]+)?/i
- headers link /rel="https:\/\/api\.w\.org\/"/i
Nginx (Web Servers)
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Tag Manager (Tag Managers)
Detected patterns
- html /<!-- (?:End )?Google Tag Manager -->/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
Title: residents
Title: COVID-19 Update
Title: Facebook
Title: Instagram
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://wc4.net/t?r=6016&c=5203&l=340&ctl=83B9:F3C8802ED8AB22E2CB7246FE662B1FE051D4737B47BA9A60&
HTTP 302
https://cottagesofnorman.com/gallery/?utm_source=WhatCounts&utm_medium=Email&_wcsid=AFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 58
- https://6638292.fls.doubleclick.net/activityi;src=6638292;type=rt3ds0;cat=cotta00;ord=1;num=319913174547;gtm=2wg1r0;auiddc=1961098349.1612819947;~oref=https%3A%2F%2Fcottagesofnorman.com%2Fgallery%2F%3Futm_source%3DWhatCounts%26utm_medium%3DEmail%26_wcsid%3DAFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048 HTTP 302
- https://6638292.fls.doubleclick.net/activityi;dc_pre=CN27q8Ce2-4CFeKB7QodeQsISg;src=6638292;type=rt3ds0;cat=cotta00;ord=1;num=319913174547;gtm=2wg1r0;auiddc=1961098349.1612819947;~oref=https%3A%2F%2Fcottagesofnorman.com%2Fgallery%2F%3Futm_source%3DWhatCounts%26utm_medium%3DEmail%26_wcsid%3DAFCA229416954C2AF322C0ADB9D840AF887AA6F8F7CCF048
85 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
cottagesofnorman.com/gallery/ Redirect Chain
|
28 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
styles.css
cottagesofnorman.com/wp-content/plugins/contact-form-7/includes/css/ |
2 KB 845 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wpcdt-timecircles.css
cottagesofnorman.com/wp-content/plugins/countdown-timer-ultimate/assets/css/ |
845 B 607 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
cottagesofnorman.com/wp-content/themes/scion/ |
21 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
blocks.css
cottagesofnorman.com/wp-content/themes/twentytwelve/css/ |
10 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flexslider.css
cottagesofnorman.com/wp-content/themes/scion/js/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
colorbox.css
cottagesofnorman.com/wp-content/themes/scion/js/ |
2 KB 1018 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
cottagesofnorman.com/wp-content/themes/scion/twentytwelve-css/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
responsive.css
cottagesofnorman.com/wp-content/themes/scion/css/ |
9 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1c25528784.js
kit.fontawesome.com/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ribbon-spring-2015.png
cottagesofnorman.com/wp-content/themes/scion/images/ |
83 KB 83 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
free-housing.jpg
cottagesofnorman.com/wp-content/themes/scion/images/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-phone.png
cottagesofnorman.com/wp-content/themes/scion/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-mail.png
cottagesofnorman.com/wp-content/themes/scion/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo.jpg
cottagesofnorman.com/wp-content/themes/scion/images/ |
34 KB 34 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
menu.png
cottagesofnorman.com/wp-content/themes/scion/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7647-v2.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
265 KB 265 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CON_P_Dog-2_RLD.jpg
cottagesofnorman.com/wp-content/uploads/2020/05/ |
89 KB 89 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7354-Copy.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
246 KB 246 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7680.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
298 KB 299 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CON_P_Fitness-3_RLD.jpg
cottagesofnorman.com/wp-content/uploads/2020/05/ |
92 KB 92 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7455.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
202 KB 202 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CON_P_Exterior-2_RLD.jpg
cottagesofnorman.com/wp-content/uploads/2020/05/ |
170 KB 171 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7511.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
196 KB 196 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CON_P_Yoga-2_RLD.jpg
cottagesofnorman.com/wp-content/uploads/2020/05/ |
135 KB 136 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7461.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
193 KB 193 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CON_Pool-1_RLD.jpg
cottagesofnorman.com/wp-content/uploads/2020/05/ |
121 KB 121 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7495.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
242 KB 243 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7449.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
200 KB 201 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7296-Copy.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
174 KB 175 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7659.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
254 KB 255 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7500.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
180 KB 181 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6F3A7284.jpg
cottagesofnorman.com/wp-content/uploads/2017/08/ |
156 KB 156 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
CON_P_Clubhouse-2_RLD.jpg
cottagesofnorman.com/wp-content/uploads/2020/05/ |
130 KB 131 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OULogo100px.png
cottagesofnorman.com/wp-content/uploads/2019/08/ |
4 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
cottagesofnorman.com/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
cottagesofnorman.com/wp-content/plugins/contact-form-7/includes/js/ |
14 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
navigation.js
cottagesofnorman.com/wp-content/themes/twentytwelve/js/ |
2 KB 861 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
cottagesofnorman.com/wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
headroom.min.js
cottagesofnorman.com/wp-content/themes/scion/js/headroom/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jQuery.headroom.js
cottagesofnorman.com/wp-content/themes/scion/js/headroom/ |
851 B 562 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.flexslider-min.js
cottagesofnorman.com/wp-content/themes/scion/js/ |
22 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.colorbox-min.js
cottagesofnorman.com/wp-content/themes/scion/js/ |
9 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.jcycle.js
cottagesofnorman.com/wp-content/themes/scion/js/ |
34 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
cottagesofnorman.com/wp-content/themes/scion/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
cottagesofnorman.com/wp-includes/js/ |
1 KB 957 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ |
16 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
i18n.min.js
commoncdn.entrata.com/javascript/i18n/ |
578 KB 122 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
entrata-ui.min.js
commoncdn.entrata.com/javascript/i18n/ |
63 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
cottagesofnorman.com/wp-includes/js/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
149 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mixpanel-2-latest.min.js
cdn.mxpnl.com/libs/ |
75 KB 25 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pro.min.css
ka-p.fontawesome.com/releases/v5.15.2/css/ |
310 KB 53 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nav-line.jpg
cottagesofnorman.com/wp-content/themes/scion/images/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bottom-fade.jpg
cottagesofnorman.com/wp-content/themes/scion/images/ |
1 KB 1 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
facebook-f.png
cottagesofnorman.com/wp-content/themes/scion/images/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
instagram-f.png
cottagesofnorman.com/wp-content/themes/scion/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scion.png
cottagesofnorman.com/wp-content/themes/scion/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
api-js.mixpanel.com/track/ |
1 B 349 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
activityi;dc_pre=CN27q8Ce2-4CFeKB7QodeQsISg;src=6638292;type=rt3ds0;cat=cotta00;ord=1;num=319913174547;gtm=2wg1r0;auiddc=1961098349.1612819947;~oref=https%3A%2F%2Fcottagesofnorman.com%2Fgallery%2F%...
6638292.fls.doubleclick.net/ Frame 3258 Redirect Chain
|
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
30 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sdfnp2yem.js
cdn.krxd.net/controltag/ |
23 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ktag.js
resources.xg4ken.com/js/v2/ |
12 KB 5 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
10 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
46 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
contact_btn_controller.min.js
commoncdn.entrata.com/website_templates/_assets/_common/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
loading.gif
cottagesofnorman.com/wp-content/themes/scion/js/images/ |
9 KB 9 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controls.png
cottagesofnorman.com/wp-content/themes/scion/js/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg_direction_nav.png
cottagesofnorman.com/wp-content/themes/scion/js/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN_r8OUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
mem6YaGs126MiZpBA-UFUK0Zdc1GAK6b.woff2
fonts.gstatic.com/s/opensans/v18/ |
10 KB 10 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3-Q050 |
memnYaGs126MiZpBA-UFUKWiUNhrIqOxjaPX.woff2
fonts.gstatic.com/s/opensans/v18/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
controltag.js.0631b7d64dbbd3656a8b7368ad227a04
cdn.krxd.net/ctjs/ |
259 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/966793568/ |
2 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
cottagesofnormanok.prospectportal.com/ Frame 4EF8 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
/
cottagesofnormanok.prospectportal.com/ Frame D364 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3-Q050 |
collect
www.google-analytics.com/j/ |
4 B 393 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 29AF |
0 0 |
Document
text/html |
GET H2 |
/
www.google.com/pagead/1p-user-list/966793568/ |
42 B 337 B |
Image
image/gif |
GET H2 |
/
www.google.de/pagead/1p-user-list/966793568/ |
42 B 552 B |
Image
image/gif |
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 446 B |
XHR
text/plain |
GET H2 |
7b3785dc-e5e8-4465-88e8-0bb2db048533
consumer.krxd.net/consent/get/ |
234 B 425 B |
Script
text/javascript |
GET H2 |
optout_check
beacon.krxd.net/ |
79 B 238 B |
Script
text/javascript |
62 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| _wpemojiSettings object| dataLayer function| getQueryParam function| campaignParams object| mixpanel object| FontAwesomeKitConfig undefined| $ function| jQuery object| wpcf7 string| distinct_id string| utm_source string| utm_medium undefined| utm_term undefined| utm_campaign string| utm_source_last_touch string| utm_medium_last_touch undefined| utm_term_last_touch undefined| utm_campaign_last_touch object| google_tag_manager object| google_tag_data function| Krux function| ktag function| Headroom object| jQuery112405729789559446778 function| handleLogo function| onAfter function| evenFloorplans object| wp object| WebFont string| GoogleAnalyticsObject function| ga object| i18nUtils function| __ object| entrataUI function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| Ktag_Constants object| Ktag_Toggles object| Ktag_Amp_Helpers object| Ktag_Helpers object| Ktag_Functions function| setup object| ppcb object| ppcbConfig object| gaplugins object| gaGlobal object| gaData object| twemoji
7 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.doubleclick.net/ | Name: IDE Value: AHWqTUn-CVtomIslzHRI_Ybet2lp8f4BrXcCStICNWK_Et1W3nobFqj4n4XYn4a5WVI |
.cottagesofnorman.com/ | Name: _gat Value: 1 |
.cottagesofnorman.com/ | Name: _ga Value: GA1.2.999669038.1612819948 |
.cottagesofnorman.com/ | Name: _gid Value: GA1.2.484245469.1612819948 |
.krxd.net/ | Name: _kuid_ Value: N7xTiBxG |
.cottagesofnorman.com/ | Name: _gcl_au Value: 1.1.1961098349.1612819947 |
.cottagesofnorman.com/ | Name: mp_4cb1a404409e6cdf6aff47392aba96bd_mixpanel Value: %7B%22distinct_id%22%3A%20%22177838f5e4e54d-0fc97eb705d3e4-1b396256-1d4c00-177838f5e4f577%22%2C%22%24device_id%22%3A%20%22177838f5e4e54d-0fc97eb705d3e4-1b396256-1d4c00-177838f5e4f577%22%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22__mps%22%3A%20%7B%22%24os%22%3A%20%22Mac%20OS%20X%22%2C%22%24browser%22%3A%20%22Chrome%22%2C%22%24browser_version%22%3A%2083%2C%22%24initial_referrer%22%3A%20%22%24direct%22%2C%22%24initial_referring_domain%22%3A%20%22%24direct%22%2C%22utm_source%20%5Blast%20touch%5D%22%3A%20%22WhatCounts%22%2C%22utm_medium%20%5Blast%20touch%5D%22%3A%20%22Email%22%7D%2C%22__mpso%22%3A%20%7B%22utm_source%20%5Bfirst%20touch%5D%22%3A%20%22WhatCounts%22%2C%22utm_medium%20%5Bfirst%20touch%5D%22%3A%20%22Email%22%7D%2C%22__mpus%22%3A%20%7B%7D%2C%22__mpa%22%3A%20%7B%7D%2C%22__mpu%22%3A%20%7B%7D%2C%22__mpr%22%3A%20%5B%5D%2C%22__mpap%22%3A%20%5B%5D%2C%22utm_source%20%5Blast%20touch%5D%22%3A%20%22WhatCounts%22%2C%22utm_medium%20%5Blast%20touch%5D%22%3A%20%22Email%22%2C%22utm_source%22%3A%20%22WhatCounts%22%2C%22utm_medium%22%3A%20%22Email%22%7D |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.