www.pluck-a-duck.com
Open in
urlscan Pro
198.71.233.106
Public Scan
Submission: On December 27 via api from US
Summary
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on October 16th 2019. Valid for: a year.
This is the only time www.pluck-a-duck.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-198-71-233-106.ip.secureserver.net
www.pluck-a-duck.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
maxcdn.bootstrapcdn.com |
ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com |
ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
connect.podium.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-8-115-137.us-west-1.compute.amazonaws.com
fareharbor.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-143-204-208-127.fra53.r.cloudfront.net
d2xcq4qphg1ge9.cloudfront.net |
ASN32934 (FACEBOOK - Facebook, Inc., US)
connect.facebook.net |
ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com |
ASN33438 (HIGHWINDS2 - Highwinds Network Group, Inc., US)
cdn.mouseflow.com |
ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
www.google.de |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-88-61-207.us-west-2.compute.amazonaws.com
mind-flayer.podium.com |
ASN32934 (FACEBOOK - Facebook, Inc., US)
www.facebook.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
assets.podium.com |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
avatars.podium.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
29 |
secureservercdn.net
secureservercdn.net |
581 KB |
22 |
podium.com
connect.podium.com mind-flayer.podium.com assets.podium.com avatars.podium.com |
1 MB |
4 |
gstatic.com
fonts.gstatic.com |
51 KB |
4 |
fareharbor.com
fareharbor.com |
14 KB |
3 |
facebook.net
connect.facebook.net |
153 KB |
2 |
facebook.com
www.facebook.com |
393 B |
2 |
mouseflow.com
1 redirects
cdn.mouseflow.com |
33 KB |
2 |
google-analytics.com
1 redirects
www.google-analytics.com |
18 KB |
2 |
google.com
1 redirects
www.google.com |
357 B |
2 |
googleapis.com
fonts.googleapis.com |
2 KB |
1 |
google.de
www.google.de |
109 B |
1 |
doubleclick.net
1 redirects
stats.g.doubleclick.net |
160 B |
1 |
cloudfront.net
d2xcq4qphg1ge9.cloudfront.net |
8 KB |
1 |
googletagmanager.com
www.googletagmanager.com |
27 KB |
1 |
fh-kit.com
fh-kit.com |
19 KB |
1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
7 KB |
1 |
pluck-a-duck.com
www.pluck-a-duck.com |
10 KB |
75 | 17 |
Domain | Requested by | |
---|---|---|
29 | secureservercdn.net |
www.pluck-a-duck.com
secureservercdn.net |
10 | connect.podium.com |
www.pluck-a-duck.com
connect.podium.com |
8 | mind-flayer.podium.com |
connect.podium.com
|
4 | fonts.gstatic.com |
www.pluck-a-duck.com
|
4 | fareharbor.com |
www.pluck-a-duck.com
fareharbor.com |
3 | assets.podium.com | |
3 | connect.facebook.net |
www.pluck-a-duck.com
connect.facebook.net |
2 | www.facebook.com |
www.pluck-a-duck.com
|
2 | cdn.mouseflow.com |
1 redirects
www.pluck-a-duck.com
|
2 | www.google-analytics.com |
1 redirects
www.googletagmanager.com
|
2 | www.google.com |
1 redirects
www.pluck-a-duck.com
|
2 | fonts.googleapis.com |
www.pluck-a-duck.com
|
1 | avatars.podium.com | |
1 | www.google.de |
www.pluck-a-duck.com
|
1 | stats.g.doubleclick.net | 1 redirects |
1 | d2xcq4qphg1ge9.cloudfront.net |
www.pluck-a-duck.com
|
1 | www.googletagmanager.com |
www.pluck-a-duck.com
|
1 | fh-kit.com |
www.pluck-a-duck.com
|
1 | maxcdn.bootstrapcdn.com |
www.pluck-a-duck.com
|
1 | www.pluck-a-duck.com | |
75 | 20 |
This site contains links to these domains. Also see Links.
Domain |
---|
fareharbor.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.pluck-a-duck.com Go Daddy Secure Certificate Authority - G2 |
2019-10-16 - 2020-10-16 |
a year | crt.sh |
secureservercdn.net Let's Encrypt Authority X3 |
2019-12-03 - 2020-03-02 |
3 months | crt.sh |
*.bootstrapcdn.com Sectigo RSA Domain Validation Secure Server CA |
2019-09-14 - 2020-10-13 |
a year | crt.sh |
*.storage.googleapis.com GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2019-11-10 - 2020-10-09 |
a year | crt.sh |
*.google-analytics.com GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
*.podium.com Amazon |
2019-10-15 - 2020-11-15 |
a year | crt.sh |
fareharbor.com Amazon |
2019-10-23 - 2020-11-23 |
a year | crt.sh |
*.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2019-12-06 - 2020-03-05 |
3 months | crt.sh |
*.google.com GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
www.google.com GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
*.mouseflow.com COMODO RSA Domain Validation Secure Server CA |
2017-04-25 - 2020-05-09 |
3 years | crt.sh |
www.google.de GTS CA 1O1 |
2019-12-03 - 2020-02-25 |
3 months | crt.sh |
This page contains 8 frames:
Primary Page:
https://www.pluck-a-duck.com/duck-hunts/
Frame ID: EBD0EEF9E792C926CA4088FF00A86588
Requests: 61 HTTP requests in this frame
Frame:
https://fareharbor.com/embeds/cart/?u=7b27a00c-ea3d-453e-a1a8-139db0951d1d&from-ssl=yes
Frame ID: BB5825BACB33A15E93422048FCA75A25
Requests: 1 HTTP requests in this frame
Frame:
https://fareharbor.com/embeds/calendar/pluckaduck/?full-items=yes&u=7b27a00c-ea3d-453e-a1a8-139db0951d1d&from-ssl=yes
Frame ID: 63BF12EBC52C4FB9F16FDF6AA86B22B4
Requests: 1 HTTP requests in this frame
Frame:
https://www.google.com/maps/embed?pb=!1m14!1m8!1m3!1d1977486.9516225988!2d-91.54934849506098!3d35.504166546764644!3m2!1i1024!2i768!4f13.1!3m3!1m2!1s0x0%3A0xa0789cddb3279bc8!2sPluck-A-Duck%20Lodge!5e0!3m2!1sen!2sus!4v1568049643861!5m2!1sen!2sus
Frame ID: DE915A7E304DB9F436B6794B45DE0BBA
Requests: 1 HTTP requests in this frame
Frame:
https://connect.podium.com/styles/reset.css
Frame ID: 52AD229CB5495BA0E42A0EE463A869F4
Requests: 2 HTTP requests in this frame
Frame:
https://connect.podium.com/styles/reset.css
Frame ID: 14ADAC0BD7536B4B3F6FE2FD8D288931
Requests: 2 HTTP requests in this frame
Frame:
https://connect.podium.com/styles/reset.css
Frame ID: 60460621B6F7504BE16A37A6B6FE6606
Requests: 3 HTTP requests in this frame
Frame:
https://connect.podium.com/styles/reset.css
Frame ID: C4213343AE0AA05F2ED58F634C95EFFF
Requests: 5 HTTP requests in this frame
Screenshot
Detected technologies
WordPress (CMS) ExpandDetected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
Lua (Programming Languages) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
PHP (Programming Languages) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
MySQL (Databases) Expand
Detected patterns
- html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
- script /\/wp-(?:content|includes)\//i
Nginx (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
OpenResty (Web Servers) Expand
Detected patterns
- headers server /openresty(?:\/([\d.]+))?/i
Facebook (Widgets) Expand
Detected patterns
- script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i
Font Awesome (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics (Analytics) Expand
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Google Font API (Font Scripts) Expand
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Lightbox (JavaScript Libraries) Expand
Detected patterns
- html /<link [^>]*href="[^"]+lightbox(?:\.min)?\.css/i
- script /lightbox.*\.js/i
jQuery (JavaScript Libraries) Expand
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Book Now
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 47- https://cdn.mouseflow.com/projects/39bcbe3f-4af1-44b8-8105-bc35310519d9.js HTTP 301
- https://cdn.mouseflow.com/projects/39bcbe3f-4af1-44b8-8105-bc35310519d9_eu.js
- https://www.google-analytics.com/r/collect?v=1&_v=j79&a=793555511&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pluck-a-duck.com%2Fduck-hunts%2F&ul=en-us&de=UTF-8&dt=Duck%20Hunts%20%7C%20Pluck-A-Duck%20Lodge&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=IEBAAUAB~&jid=1433631029&gjid=1405212499&cid=1510325970.1577461523&tid=UA-34063123-1&_gid=1861235886.1577461523&_r=1>m=2ouc61&z=805438105 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_gid=1861235886.1577461523&gjid=1405212499&_v=j79&z=805438105 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_v=j79&z=805438105 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-34063123-1&cid=1510325970.1577461523&jid=1433631029&_v=j79&z=805438105&slf_rd=1&random=3690944939
75 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
www.pluck-a-duck.com/duck-hunts/ |
40 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/css/dist/block-library/ |
40 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sb-instagram.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/instagram-feed/css/ |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/ |
30 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nivo-lightbox.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/nivo/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/nivo/themes/default/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget-options.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/widget-options/assets/css/ |
1010 B 656 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/ |
701 KB 72 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
24 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/DiviChild/ |
2 KB 646 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
fh-kit.com/buttons/v2/ |
228 KB 19 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tablepress-combined.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dashicons.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/css/ |
46 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tablepress-responsive.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/tablepress-responsive-tables/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/jquery/ |
95 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/jquery/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nivo-lightbox.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/nivo/ |
8 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
infinite-scroll.pkgd.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/assets/infinitescroll/ |
25 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
front.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/responsive-lightbox/js/ |
25 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
73 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
895 B 464 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
et-divi-customizer-global-15717652887035.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/cache/et/global/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
et-core-unified-15717672115786.min.css
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/cache/et/1461/ |
4 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pluck-a-duck-logo.png
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/10/ |
79 KB 79 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
duck-hunting-in-arkansas-300x160.jpg
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/06/ |
20 KB 21 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
785E1765-AF8F-43F1-8CD5-41ABAE7A7DA0-300x225.jpeg
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/05/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
43D30B3E-6017-47FD-B334-6E2AD446A6FE-300x211.jpeg
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/05/ |
23 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.js
connect.podium.com/ |
575 B 672 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
fareharbor.com/embeds/script/calendar/pluckaduck/ |
21 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
fareharbor.com/embeds/api/v1/ |
21 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sb-instagram.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/instagram-feed/js/ |
99 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframeResizer.min.js
d2xcq4qphg1ge9.cloudfront.net/javascript/responsive_embed/20150624/ |
8 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shortstack-for-wp.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/plugins/shortstack-for-wp/public/js/ |
326 B 630 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
custom.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/js/ |
266 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/core/admin/js/ |
1 KB 972 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-includes/js/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
126 KB 30 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem8YaGs126MiZpBA-UFVZ0bf8pkAg.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.ttf
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/themes/Divi/core/admin/fonts/ |
90 KB 91 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UNirkOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vm8vdRfvXFLG3OLnsO15WYS5DG74wNJVMJ8b.woff2
fonts.gstatic.com/s/kaushanscript/v8/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mem5YaGs126MiZpBA-UN7rgOUuhpKKSTjw.woff2
fonts.gstatic.com/s/opensans/v17/ |
9 KB 9 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
fareharbor.com/embeds/cart/ Frame BB58 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
fareharbor.com/embeds/calendar/pluckaduck/ Frame 63BF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
embed
www.google.com/maps/ Frame DE91 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
43 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
944 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
39bcbe3f-4af1-44b8-8105-bc35310519d9_eu.js
cdn.mouseflow.com/projects/ Redirect Chain
|
98 KB 33 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.5d7c9b55.js
connect.podium.com/static/js/ |
790 KB 232 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
identity.js
connect.facebook.net/signals/plugins/ |
42 KB 10 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
3063527177022851
connect.facebook.net/signals/config/ |
447 KB 112 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ Redirect Chain
|
42 B 109 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
graphql
mind-flayer.podium.com/ |
0 465 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 247 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pluck-a-duck-logo.png
secureservercdn.net/198.71.233.106/ono.38c.myftpupload.com/wp-content/uploads/2019/10/ |
79 KB 79 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 146 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
graphql
mind-flayer.podium.com/ |
3 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
graphql
mind-flayer.podium.com/ |
0 465 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
graphql
mind-flayer.podium.com/ |
0 465 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
connect.podium.com/styles/ Frame 52AD |
1 KB 987 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
connect.podium.com/styles/ Frame 52AD |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
connect.podium.com/styles/ Frame 14AD |
1 KB 987 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
connect.podium.com/styles/ Frame 14AD |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
connect.podium.com/styles/ Frame 6046 |
1 KB 988 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
connect.podium.com/styles/ Frame 6046 |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Regular.woff
assets.podium.com/fonts/ Frame 6046 |
47 KB 48 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
graphql
mind-flayer.podium.com/ |
210 B 575 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
graphql
mind-flayer.podium.com/ |
36 B 400 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
reset.css
connect.podium.com/styles/ Frame C421 |
1 KB 988 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.css
connect.podium.com/styles/ Frame C421 |
34 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H/1.1 |
graphql
mind-flayer.podium.com/ |
0 465 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
avatar.jpeg
avatars.podium.com/2313073/094f7263-faf2-4031-b06d-bcbd612be533/ Frame C421 |
652 KB 653 KB |
Image
binary/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Medium.woff
assets.podium.com/fonts/ Frame C421 |
46 KB 47 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Graphik-Regular.woff
assets.podium.com/fonts/ Frame C421 |
47 KB 48 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
graphql
mind-flayer.podium.com/ |
36 B 400 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
134 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate string| et_site_url string| et_post_id function| et_core_page_resource_fallback object| _wpemojiSettings undefined| $ function| jQuery function| jQueryBridget function| EvEmitter function| matchesSelector object| fizzyUIUtils function| InfiniteScroll function| imagesLoaded object| rlArgs function| gtag object| dataLayer function| fbq function| _fbq object| google_tag_manager object| FH string| GoogleAnalyticsObject function| ga string| sbiajaxurl object| _mfq object| sb_instagram_js_options boolean| sbi_js_exists object| sbIconSVG object| addLinks function| sbSVGify function| sbiSizeSVG function| addLinksToPage function| sbi_init function| sbiAddTokenToExpiredList function| sbiCachePhotos function| sbiGetColumnCount function| sbiGetWidthForResType function| sbiGetBestResolutionForAuto function| sbiNeedToRaiseRes function| sbiGetResolutionSettings function| sbi_cache_all function| iFrameResize object| DIVI object| et_shortcodes_strings object| et_pb_custom object| et_pb_box_shadow_elements boolean| isBuilder function| et_shortcodes_init function| Waypoint object| salvattore function| et_pb_smooth_scroll function| et_pb_form_placeholders_init function| et_duplicate_menu function| et_pb_remove_placeholder_text function| et_fix_fullscreen_section function| et_bar_counters_init function| et_fix_pricing_currency_position function| et_pb_set_responsive_grid function| et_pb_set_tabs_height function| et_pb_box_shadow_apply_overlay function| et_pb_init_nav_menu function| et_pb_toggle_nav_menu function| et_pb_apply_sticky_image_effect boolean| et_load_event_fired boolean| et_is_transparent_nav boolean| et_is_vertical_nav boolean| et_is_fixed_nav boolean| et_is_minified_js boolean| et_is_minified_css boolean| et_force_width_container_change function| et_pb_init_modules function| et_pb_debounce object| jQuery112407436274258718749 object| ET_SmoothScroll boolean| et_calculating_scroll_position boolean| et_side_nav_links_initialized object| wp function| insertJS number| start number| interval function| main number| sbiCommentCacheStatus object| sbiCacheStatuses object| sbiFeedMeta object| sbiUseBackup object| $et_tooltip object| $et_learn_more function| et_pb_slider_init function| et_countdown_timer function| et_countdown_timer_labels function| et_pb_circle_counter_update function| et_apply_parallax function| et_parallax_set_height function| et_apply_builder_css_parallax function| et_pb_play_overlayed_video function| et_pb_resize_section_video_bg function| et_pb_center_video function| et_pb_adjust_video_margin function| et_fix_slider_height number| window_width function| et_pb_submit_newsletter function| et_fix_testimonial_inner_width function| et_pb_video_background_init function| et_reinit_waypoint_modules function| et_calc_fullscreen_section function| et_calculate_fullscreen_section_size function| debounced_et_apply_builder_css_parallax function| et_pb_parallax_init function| et_pb_fullwidth_header_scroll function| et_pb_search_init function| et_pb_search_percentage_custom_margin_fix function| et_pb_comments_init function| et_calculate_header_values function| et_change_primary_nav_position function| et_fix_page_container_position function| et_pb_window_side_nav_scroll_init function| et_pb_side_nav_page_init function| rl_view_image function| rl_hide_image object| twemoji object| $element object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| setImmediate function| clearImmediate object| regeneratorRuntime undefined| _ undefined| register boolean| podiumWebsiteWidgetLoaded object| mouseflow string| waypointContextKey object| PodiumWebChat13 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fareharbor.com/ | Name: mp_ac6482ea6d5da620bb15ce24d0d328ca_mixpanel Value: %7B%22distinct_id%22%3A%20%2216f4808a2ea59c-03d58036c409e2-31641f72-1d4c00-16f4808a2ebe79%22%2C%22%24device_id%22%3A%20%2216f4808a2ea59c-03d58036c409e2-31641f72-1d4c00-16f4808a2ebe79%22%7D |
|
.fareharbor.com/ | Name: mp_ec17ab267df6688013d497b75ddd3308_mixpanel Value: %7B%22distinct_id%22%3A%20%227b27a00c-ea3d-453e-a1a8-139db0951d1d%22%2C%22%24device_id%22%3A%20%2216f4808a2e3c6-004be08cb670cb-31641f72-1d4c00-16f4808a2e4dcd%22%2C%22%24user_id%22%3A%20%227b27a00c-ea3d-453e-a1a8-139db0951d1d%22%2C%22%24initial_referrer%22%3A%20%22https%3A%2F%2Fwww.pluck-a-duck.com%2Fduck-hunts%2F%22%2C%22%24initial_referring_domain%22%3A%20%22www.pluck-a-duck.com%22%2C%22company%22%3A%20null%2C%22userType%22%3A%20%22anonymous%22%2C%22mp_name_tag%22%3A%20%22Guest%22%7D |
|
.pluck-a-duck.com/ | Name: _gat_gtag_UA_34063123_1 Value: 1 |
|
.fareharbor.com/ | Name: _gid Value: GA1.2.1048723075.1577461523 |
|
.pluck-a-duck.com/ | Name: _gid Value: GA1.2.1861235886.1577461523 |
|
fareharbor.com/ | Name: fh-units-language Value: en-us |
|
.pluck-a-duck.com/ | Name: _fbp Value: fb.1.1577461522709.1336182553 |
|
fareharbor.com/ | Name: csrftoken Value: TLHIAIvzVqJO5b6YumP8xDL9NWsSafwq |
|
.pluck-a-duck.com/ | Name: mf_39bcbe3f-4af1-44b8-8105-bc35310519d9 Value: -1 |
|
.fareharbor.com/ | Name: _ga Value: GA1.2.1591825676.1577461523 |
|
fareharbor.com/ | Name: fh-target-language Value: en-us |
|
fareharbor.com/ | Name: fh-content-language Value: en-us |
|
.pluck-a-duck.com/ | Name: _ga Value: GA1.2.1510325970.1577461523 |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=300 max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.podium.com
avatars.podium.com
cdn.mouseflow.com
connect.facebook.net
connect.podium.com
d2xcq4qphg1ge9.cloudfront.net
fareharbor.com
fh-kit.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
mind-flayer.podium.com
secureservercdn.net
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.pluck-a-duck.com
143.204.208.127
198.71.233.106
2001:4de0:ac19::1:b:3b
23.111.9.38
2600:9000:2057:dc00:1a:3af:f5c0:93a1
2600:9000:2057:ec00:1c:e48e:5600:93a1
2600:9000:214f:2200:1f:7c97:a480:93a1
2606:4700:20::681a:820
2a00:1450:4001:809::200a
2a00:1450:4001:814::2003
2a00:1450:4001:814::200e
2a00:1450:4001:816::2003
2a00:1450:4001:81e::2008
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9b
2a02:fe80:1010::16
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
52.8.115.137
52.88.61.207
001edabb32586908a2b12675bf32417a1fdae91ef8984ac51ef229db13d10960
006398cc82fdeb956ce5829ef9d1e96a4bdb8e8e454357737a658289114522d7
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
03cb807237aa856f32609d565a6ba551d0f1501e121bf93ec2206468ec40dd60
0a733c9a259685cf9a9816145434c0087227f35400e16208e7e63e58ccd44538
0b8396fe547e788e635527ec83f22991f9c342bc541308a4a0042ae3c0acf09b
0f121f077faf50471f147e9e98167a479f12ebd5c5cf825372a22ed83fa38b1c
10af556f1b170b3c6184b01eab13cb1c9d07b991649539d9d9eabe322cc40b09
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16dfd97ce7080f706ab99b1d8d407a7d8a607160dc785bcf9217fc6b7c543424
18aa66c192cbef43a61b1398c292ae5c6c1d40d679428ee998b1c6bfaf61d75a
1929dab7d2cb32760115d8f0ae635b45c22e8329cbb224b149c81bd9b752f51c
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1ada5b4d0b63b06d2bd668cd7d6597689796da41a434a675cfdbd2a1bddf251a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
281e59760f2788262969e8ba7ba2fb9270fa10b7f7bfa020cc81dc16f0fa8d6d
2d1ebc88e56ceb0aa1d93c5e7f46539110c25d1d07a1bab71a8dc3afa5d07cb8
3458486489eeb3606df97e3ff5dc1d9a91bdc76a28b913cae6e7f5a6329e1855
3b9710af8338002657e41f95ca4b3230620ee4f5b634fd49538a09abff367997
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c9206b54656256361147be4115c2e24a94fce825f37b5d47715942a1dafc4d3
4ee3a46c7e627f7d03216cb93719a12739500bb7600c34bea9a8d30947629d59
54c64f3c66372027154f01fc9f24b4e25fdfe405b70d1994c79abbc2576ff775
556539a94582edc4064ee6830f3c2d902d6034626594ca53def5e135f8b15759
69fd68d4233a0c8733c0f1d26d0c1ebda9aaebfc72068ec3904cda8d5ce8dd0b
70e13dd839f950cf267f796c34a93b3a4ba88ce8331001bd6b9dbfaa1641944e
74adb490a877cc15e0a6d0adc6d0e6bffc0462c1de37cb99ad103663af6a296c
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b590c659e185eea4128e5014d0d47ee569f1d5ac5a3f13fc842eb3e32f11f8f
856481a6aa5b2680185bb1781faad70e008bc52e29357dcd4ce437684b8b694c
8ac8e82aec8374261b897cd87b3c4110ea7d23e0839aed51b36f3ace1b6b931c
8c387136ca55cf33a793e73eef1fdf8cb41a553293c60380d6860435896aaa9f
8cdecb935d2b94786d405a6f88016387d82a9b7eb81496d74f6580296e598dd5
937ea91a15942209923f2ae9ea6d9114a978c85c4f531dd7074f59b66c575bff
93fbfa7dfb5327b1a49c19630843ac9aaad1707151f24e5cb165cef12aea2424
9764ea9d6e05d8f02892f2c52eb4ca9888e3c4d5f0a2b4037fa9d38f5dba259e
97af939acbc5ac48df9d3f461c83849d5eafee3557bdbe75372013148da8d5d9
9ae5e48a8fc471786854e0630f109d08c0cdf21808f94ddb2c75daf075093efa
a3391a9fa68a12cce5d9736593e3b24f78698c5f7f6a6a3a1a6644f813875403
a48a6e4b14fe55f750c0a3dfb5a6f4941bdc06af0aa542b90de25c30c2b4625c
a82d4f70aa50c4d00557c3f314259be8e49173553c5cf8fc5edb7add6e07014d
a97fa54f6021ee0f787f58a718309db3bdef5efb7ed5d149a97f755a5206b579
a9e94833815b622b7c62cbde72a3c14586b45c1ec7950e991831153477b6adce
acda3b1eaf36ea10066decf21f77191c2e951811da7ca34ff97fb32996725f10
af55b54e6fb342bae213c5bab5f09d3ec57be10fd0f2fdb9f6b1c6e7a5571070
b8e23a845bc6b7fd417d29182e0e38d353e64b5e12e06bb1de2b5ce063db1dcc
be95ee2038d07c32b9ff21c3284d47c19ff7129e90f2f25a0f96663cbee4ecca
c05ee8fac93fde19412046a913b9aecd86210aba6b72cff7c94e01170dd11e3b
cc24d9b06905c5ebc3e14d0a57d62fd20dee67f153639b296929d73dee04641d
d188ce0e476bf4994827347d4433fec168619bb7eb2adf13aaec6fced0caf7eb
d201a2c3118a00c82cc48e89815f5139f23956bbe248107dcf522acc77b97c09
d70e6a14e60edf558b639153a68905346078aa6d539ad47ef0ba0d3c823a27e5
d9662b4b9ba6c2c3691ce0acd4572e027366eb97d6070550a13429262bb0037f
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dded578f0054d560e129a6bb72878b1c87bc173e99e3fd2ea6b8c16372370c5b
e23049eb432f619ac9ab93cdeaa5bb4debd09e10ebd0fc21960f6cc2bb5b598c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fae8f67e860a44b8ee6b4ff8b9aaf2ed9ca1cfd1ffc7b305ed0d76046beb53d3
fffd052be112c4f900919c55d9fe90e138594b8567a448ae433ef82227f9c62d