welcometoyourtorontohome.com.avenuehq.cool
Open in
urlscan Pro
45.56.89.86
Public Scan
Effective URL: https://welcometoyourtorontohome.com.avenuehq.cool/
Submission: On February 07 via api from CA — Scanned from CA
Summary
TLS certificate: Issued by R3 on November 29th 2021. Valid for: 3 months.
This is the only time welcometoyourtorontohome.com.avenuehq.cool was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li891-86.members.linode.com
www.welcometoyourtorontohome.com.avenuehq.cool | |
welcometoyourtorontohome.com.avenuehq.cool | |
normanxu.avenuehq.cool |
ASN16625 (AKAMAI-AS, US)
PTR: a23-43-169-3.deploy.static.akamaitechnologies.com
use.edgefonts.net |
ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li159-207.members.linode.com
normanxu.avenuehq.com |
ASN15169 (GOOGLE, US)
PTR: 58.118.201.35.bc.googleusercontent.com
form.jotform.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN20940 (AKAMAI-ASN1, NL)
vod-progressive.akamaized.net |
ASN13335 (CLOUDFLARENET, US)
cdn02.jotfor.ms | |
cdn03.jotfor.ms |
ASN32934 (FACEBOOK, US)
www.facebook.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
avenuehq.cool
3 redirects
www.welcometoyourtorontohome.com.avenuehq.cool welcometoyourtorontohome.com.avenuehq.cool normanxu.avenuehq.cool |
491 KB |
12 |
imgix.net
avenuehq-cool.imgix.net |
493 KB |
8 |
jotfor.ms
cdn01.jotfor.ms — Cisco Umbrella Rank: 27804 cdn02.jotfor.ms — Cisco Umbrella Rank: 27880 cdn03.jotfor.ms — Cisco Umbrella Rank: 28704 |
215 KB |
4 |
edgefonts.net
use.edgefonts.net — Cisco Umbrella Rank: 60157 |
93 KB |
3 |
gstatic.com
fonts.gstatic.com |
88 KB |
3 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 47 |
2 KB |
2 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 98 |
424 B |
2 |
typekit.net
p.typekit.net — Cisco Umbrella Rank: 656 |
428 B |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 146 |
114 KB |
2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 42 |
20 KB |
2 |
jotform.com
form.jotform.com — Cisco Umbrella Rank: 25748 events.jotform.com — Cisco Umbrella Rank: 27134 |
11 KB |
2 |
avenuehq.com
normanxu.avenuehq.com |
594 KB |
1 |
google.ca
www.google.ca — Cisco Umbrella Rank: 7861 |
501 B |
1 |
google.com
www.google.com — Cisco Umbrella Rank: 13 |
501 B |
1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 96 |
460 B |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 227 |
5 KB |
1 |
akamaized.net
vod-progressive.akamaized.net — Cisco Umbrella Rank: 19113 |
|
1 |
vimeo.com
1 redirects
player.vimeo.com — Cisco Umbrella Rank: 1942 |
1 KB |
1 |
fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 934 |
228 KB |
68 | 19 |
Domain | Requested by | |
---|---|---|
19 | normanxu.avenuehq.cool |
welcometoyourtorontohome.com.avenuehq.cool
|
12 | avenuehq-cool.imgix.net |
welcometoyourtorontohome.com.avenuehq.cool
|
4 | cdn02.jotfor.ms |
form.jotform.com
cdn02.jotfor.ms |
4 | use.edgefonts.net |
welcometoyourtorontohome.com.avenuehq.cool
use.edgefonts.net |
3 | fonts.gstatic.com |
fonts.googleapis.com
|
3 | fonts.googleapis.com |
welcometoyourtorontohome.com.avenuehq.cool
|
2 | www.facebook.com |
welcometoyourtorontohome.com.avenuehq.cool
|
2 | p.typekit.net |
welcometoyourtorontohome.com.avenuehq.cool
|
2 | cdn03.jotfor.ms |
form.jotform.com
|
2 | cdn01.jotfor.ms |
form.jotform.com
|
2 | connect.facebook.net |
welcometoyourtorontohome.com.avenuehq.cool
connect.facebook.net |
2 | www.google-analytics.com |
welcometoyourtorontohome.com.avenuehq.cool
www.google-analytics.com |
2 | normanxu.avenuehq.com |
welcometoyourtorontohome.com.avenuehq.cool
|
2 | welcometoyourtorontohome.com.avenuehq.cool | 1 redirects |
2 | www.welcometoyourtorontohome.com.avenuehq.cool | 2 redirects |
1 | events.jotform.com |
welcometoyourtorontohome.com.avenuehq.cool
|
1 | www.google.ca |
welcometoyourtorontohome.com.avenuehq.cool
|
1 | www.google.com |
welcometoyourtorontohome.com.avenuehq.cool
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | cdnjs.cloudflare.com |
form.jotform.com
|
1 | vod-progressive.akamaized.net |
welcometoyourtorontohome.com.avenuehq.cool
|
1 | player.vimeo.com | 1 redirects |
1 | form.jotform.com |
welcometoyourtorontohome.com.avenuehq.cool
|
1 | use.fontawesome.com |
welcometoyourtorontohome.com.avenuehq.cool
|
68 | 24 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.facebook.com |
www.linkedin.com |
normanxu.avenuehq.com |
www.trebhome.com |
yelp.ca |
avenuehq.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
welcometoyourtorontohome.com.avenuehq.cool R3 |
2021-11-29 - 2022-02-27 |
3 months | crt.sh |
avenuehq.cool R3 |
2021-12-09 - 2022-03-09 |
3 months | crt.sh |
upload.video.google.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-12-05 - 2022-12-06 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-07 - 2022-07-06 |
a year | crt.sh |
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2020 |
2021-05-10 - 2022-06-11 |
a year | crt.sh |
*.avenuehq.com Sectigo RSA Domain Validation Secure Server CA |
2021-02-19 - 2022-03-13 |
a year | crt.sh |
*.jotform.com Sectigo RSA Domain Validation Secure Server CA |
2021-06-28 - 2022-06-28 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-11-16 - 2022-02-14 |
3 months | crt.sh |
*.gstatic.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
*.google.ca GTS CA 1C3 |
2022-01-10 - 2022-04-04 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://welcometoyourtorontohome.com.avenuehq.cool/
Frame ID: AEADF439E44ABC0B518644DDD4705A05
Requests: 61 HTTP requests in this frame
Frame:
https://cdn01.jotfor.ms/static/formCss.css?3.3.29474
Frame ID: FDD0D05A34AFAEFE71431DB89E3938CC
Requests: 10 HTTP requests in this frame
Frame:
https://www.facebook.com/tr/
Frame ID: 6A133D64A1F12508765D79B06E345B65
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Norman Xu - Royal LePage Signature RealtyPage URL History Show full URLs
-
http://www.welcometoyourtorontohome.com.avenuehq.cool/
HTTP 301
https://www.welcometoyourtorontohome.com.avenuehq.cool/ HTTP 301
http://welcometoyourtorontohome.com.avenuehq.cool/ HTTP 301
https://welcometoyourtorontohome.com.avenuehq.cool/ Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
Prototype (JavaScript Frameworks) Expand
Detected patterns
- (?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Font Awesome (Font Scripts) Expand
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Select2 (JavaScript Libraries) Expand
Detected patterns
- select2(?:\.min|\.full)?\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
8 Outgoing links
These are links going to different origins than the main page.
Title: Facebook
Search URL Search Domain Scan URL
Title: LinkedIn
Search URL Search Domain Scan URL
Title: Project Status
Search URL Search Domain Scan URL
Title: Market Report
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Avenue
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.welcometoyourtorontohome.com.avenuehq.cool/
HTTP 301
https://www.welcometoyourtorontohome.com.avenuehq.cool/ HTTP 301
http://welcometoyourtorontohome.com.avenuehq.cool/ HTTP 301
https://welcometoyourtorontohome.com.avenuehq.cool/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 46- https://player.vimeo.com/external/282043348.hd.mp4?s=b7170c7da74d094fc910f3b39b5f0b3a1e42aef7&profile_id=175 HTTP 302
- https://vod-progressive.akamaized.net/exp=1644222290~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1408%2F11%2F282043348%2F1059122464.mp4~hmac=f14105c55135f761464495e4e18df5942cfd7d0072dd89fbde172dc3bdd56801/vimeo-prod-skyfire-std-us/01/1408/11/282043348/1059122464.mp4?filename=NormanXu_VideoHeader_03.mp4
68 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
welcometoyourtorontohome.com.avenuehq.cool/ Redirect Chain
|
71 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dashicons.min.css
normanxu.avenuehq.cool/wp-includes/css/ |
58 KB 36 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aos.css
normanxu.avenuehq.cool/wp-content/themes/rb-web3/assets/aos/ |
25 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
normanxu.avenuehq.cool/wp-includes/css/dist/block-library/ |
79 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
8 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
genericons.css
normanxu.avenuehq.cool/wp-content/themes/rb-web3/assets/genericons/ |
27 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
normanxu.avenuehq.cool/wp-content/themes/peak/assets/css/ |
167 KB 22 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.cafb5ec4.chunk.css
normanxu.avenuehq.cool/amelie/static/css/ |
76 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.d8ee8107.chunk.css
normanxu.avenuehq.cool/amelie/static/css/ |
53 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lora:n4.js
use.edgefonts.net/ |
24 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lato:n4,n7.js
use.edgefonts.net/ |
24 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
normanxu.avenuehq.cool/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
3 KB 614 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ |
712 B 450 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
all.js
use.fontawesome.com/releases/v5.0.1/js/ |
634 KB 228 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_Title_01-3.png
avenuehq-cool.imgix.net/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_MobileHeader_01.png
avenuehq-cool.imgix.net/ |
135 KB 135 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
NormanXu_Headshot_01-2.png
normanxu.avenuehq.com/wp-content/uploads/sites/1243/2018/07/ |
589 KB 590 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
82897112646263
form.jotform.com/jsform/ |
39 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
royal-lepage-color-1.png
normanxu.avenuehq.com/wp-content/uploads/sites/1243/2018/07/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.fitvids.min.js
normanxu.avenuehq.cool/wp-content/themes/rb-web3/assets/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cookie.min.js
normanxu.avenuehq.cool/wp-content/themes/rb-web3/assets/js/ |
1 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cycle2.min.js
normanxu.avenuehq.cool/wp-content/themes/rb-web3/assets/js/ |
22 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.cycle2.center.min.js
normanxu.avenuehq.cool/wp-content/themes/rb-web3/assets/js/ |
839 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
select2.min.js
normanxu.avenuehq.cool/wp-content/themes/rb-web3/assets/select2/js/ |
63 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
normanxu.avenuehq.cool/wp-content/themes/rb-web3/assets/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aos.js
normanxu.avenuehq.cool/wp-content/themes/rb-web3/assets/aos/ |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts.js
normanxu.avenuehq.cool/wp-content/themes/peak/assets/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime-main.c262f8d7.js
normanxu.avenuehq.cool/amelie/static/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2.7075df55.chunk.js
normanxu.avenuehq.cool/amelie/static/js/ |
897 KB 270 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.21da61f4.chunk.js
normanxu.avenuehq.cool/amelie/static/js/ |
136 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
l
use.edgefonts.net/c/297b8e/1w;lora,2,2cm9R0:W:n4/ |
34 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
l
use.edgefonts.net/c/a34e0a/1w;lato,2,c0r:W:n4,c0x:W:n7/ |
62 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
99 KB 27 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_Background_03-2-1920x1280.png
avenuehq-cool.imgix.net/ |
51 KB 51 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v41/ |
31 KB 31 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
8vIU7ww63mVu7gtR-kwKxNvkNOjw-tbnfY3lDQ.woff2
fonts.gstatic.com/s/cinzel/v16/ |
13 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
14 KB 14 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_Condos_01-800x193.png
avenuehq-cool.imgix.net/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_Townhouses_01-800x193.png
avenuehq-cool.imgix.net/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_Houses_01-800x193.png
avenuehq-cool.imgix.net/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_NewConstruction_01-800x193.png
avenuehq-cool.imgix.net/ |
6 KB 6 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_EastYork_01.png
avenuehq-cool.imgix.net/ |
68 KB 69 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_NorthYork_01.png
avenuehq-cool.imgix.net/ |
62 KB 62 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_Midtown_01.png
avenuehq-cool.imgix.net/ |
73 KB 73 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.cool%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2FNormanXu_Toronto_01.png
avenuehq-cool.imgix.net/ |
68 KB 68 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
1059122464.mp4
vod-progressive.akamaized.net/exp=1644222290~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1408%2F11%2F282043348%2F1059122464.mp4~hmac=f14105c55135f761464495e4e18df5942cfd7d0072dd89fbde172dc3bdd56801/vim... Redirect Chain
|
12 MB 0 |
Media
video/mp4 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
23 KB 23 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
23 KB 23 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
25 KB 25 KB |
Font
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
formCss.css
cdn01.jotfor.ms/static/ Frame FDD0 |
66 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nova.css
cdn02.jotfor.ms/css/styles/ Frame FDD0 |
33 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
payment_feature.css
cdn03.jotfor.ms/css/styles/payment/ Frame FDD0 |
43 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
form-submit-button-simple_white.css
cdn01.jotfor.ms/css/styles/buttons/ Frame FDD0 |
1 KB 784 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prototype.forms.js
cdn02.jotfor.ms/static/ Frame FDD0 |
126 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jotform.forms.js
cdn03.jotfor.ms/static/ Frame FDD0 |
527 KB 139 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
punycode.js
cdnjs.cloudflare.com/ajax/libs/punycode/1.4.1/ Frame FDD0 |
14 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2066055146979596
connect.facebook.net/signals/config/ |
307 KB 87 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 227 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
control_appointment.css
cdn02.jotfor.ms/form-resources/dist/styles/ Frame FDD0 |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
control_inline.css
cdn02.jotfor.ms/form-resources/dist/styles/ Frame FDD0 |
29 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 460 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
44 B 406 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.ca/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
/
www.facebook.com/tr/ Frame 6A13 |
0 18 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
events.jotform.com/jsform/82897112646263/ Frame FDD0 |
0 368 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
https%3A%2F%2Fnormanxu.avenuehq.com%2Fwp-content%2Fuploads%2Fsites%2F1243%2F2018%2F07%2F071A7793.jpg
avenuehq-cool.imgix.net/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ |
44 KB 44 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
30 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| Typekit undefined| $ function| jQuery string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| qsProxy function| FrameBuilder object| i82897112646263 function| handleIFrameMessage function| isPermitted object| Amelie object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| rb object| wp object| AOS object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonprb-amelie function| setImmediate function| clearImmediate object| regeneratorRuntime object| __SENTRY__ object| scCGSHMRCache8 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.welcometoyourtorontohome.com.avenuehq.cool/ | Name: SERVERID Value: check|YgCfF|YgCfF |
|
welcometoyourtorontohome.com.avenuehq.cool/ | Name: SERVERID Value: check|YgCfF|YgCfF |
|
normanxu.avenuehq.cool/ | Name: SERVERID Value: check|YgCfF|YgCfF |
|
.avenuehq.cool/ | Name: _ga Value: GA1.2.2070612597.1644207891 |
|
.avenuehq.cool/ | Name: _gid Value: GA1.2.1347849209.1644207891 |
|
.avenuehq.cool/ | Name: _gat Value: 1 |
|
.avenuehq.cool/ | Name: _fbp Value: fb.1.1644207890845.1532500571 |
|
.facebook.com/ | Name: fr Value: 0V2g0gyWPl1GV6WRe..BiAJ8S...1.0.BiAJ8S. |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests; default-src * data: blob: filesystem: about: wss: 'unsafe-inline' 'unsafe-eval'; script-src * data: blob: 'unsafe-inline' 'unsafe-eval'; connect-src * data: blob: ; img-src * data: blob: ; frame-src * data: blob: ; style-src * data: blob: 'unsafe-inline'; font-src * data: blob: ; object-src 'none'; |
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
avenuehq-cool.imgix.net
cdn01.jotfor.ms
cdn02.jotfor.ms
cdn03.jotfor.ms
cdnjs.cloudflare.com
connect.facebook.net
events.jotform.com
fonts.googleapis.com
fonts.gstatic.com
form.jotform.com
normanxu.avenuehq.com
normanxu.avenuehq.cool
p.typekit.net
player.vimeo.com
stats.g.doubleclick.net
use.edgefonts.net
use.fontawesome.com
vod-progressive.akamaized.net
welcometoyourtorontohome.com.avenuehq.cool
www.facebook.com
www.google-analytics.com
www.google.ca
www.google.com
www.welcometoyourtorontohome.com.avenuehq.cool
151.101.0.217
173.230.149.207
23.43.169.3
2600:1400:9000::687e:74c8
2600:141b:9000:78c::19fd
2606:4700:11::6817:860b
2606:4700:20::681a:686
2606:4700:20::ac43:49b8
2606:4700:3031::ac43:d645
2606:4700::6810:125e
2607:f8b0:4006:807::200a
2607:f8b0:4006:80d::2003
2607:f8b0:4006:81f::2003
2607:f8b0:4006:81f::2004
2607:f8b0:4006:823::200e
2607:f8b0:4023:1404::9d
2a03:2880:f012:8:face:b00c:0:1
2a03:2880:f112:83:face:b00c:0:25de
2a04:4e42:31::720
35.201.118.58
45.56.89.86
07a22546451967edd50e3b477aca54367058a936de9d252af34067621a380684
0b28f26aa5ab6a8ac306be88fbbe32a9ad4aa95ef37c89337defe72fda9a6fd1
0b49f9152c2483f6a790bbce4999715a72ebab644060cf3ad8cf94505e17c360
0cbd10a5ab8fc8d6c008d7eb12d3b6d41a60c5985d668af7dd9bc35b1d264343
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
16a2546bd395b226fcb5254920afc883e4aa3bcf035140d709ec96148d6b35c8
1773d4fa83b8d609e687a59428ddf813256bc2ebdc27de4f5ea04f788c984934
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1ea5a230640d22c5a25b08808eb0e4f74b31093154f2817abcff349b3254f335
21778a3a131fbbf7366d7f69a3a8d97df1f7c7a186268cf20962468daeed07ae
26a592251fc8ca1e2f7dfe6fd772c2e6cb436b08264c6936f6007e1ada774264
27bcdc67e32fef9bdd86b785b1bafadd7f6915c49f6b49bed86bfbddf414b2f8
2a767bbec1a4ac999a027520af58a654b74e2e54f6af0960b46384f00b550481
3117d0b7dae95cc21d429cc4429bbb378fd6f210e82cafd2edf85e34fb945ee8
4509e1cef76d7c9b81380927dd22fa98bca087938981ab8d2c040526873155fb
45d08cc3c063af653d324f9483798d3c6977479fc703c78c7232a1fb94f4e416
48e6d618b95c55074ab9b47a6e7bd966c9fd434b874e2c2e2606c5ec0f992982
4d23d35ef196077142ffcc5a4557a98e5a0b3dc1ba7432d103efcd5aa5bb138d
4d7785f21a0783b1fdabbda245741e32d51887260936a931def384ce253a5178
5503a19850a4f3a1ba7da25e50ae1c8aaad0fe08e3d43ac853d52afa8712a364
5c2bc881f86640d8636a7a9c5ad3fd2a730739192a40fc3782067cd60f41bca0
64e1eff797575162c5df5207ca063f3aa0a12aae8fedfa01aa312beb2ed24c41
667d63caae20cc231c73a06a886880b4efc7c511baa29d95d855fcb851896026
67902d0eff4e6841fff7a38d9dba092e0f772e741b6c02ba44906d663c8c37ac
6b9e3667b018cf52ffad3bfee18dbe546c96351582e79dd63b0c12c170fd4dbb
71172ba42f7d78ebbc40363f583adb38044d2d256e6945c728fe4ed11acd6a7c
77d39b09785525c15243d547fcff180f41ae4bb8f4cced5765dab1abb3914e67
7db5bfb8996af76ff32efff79cd92acc4509661e418b176639949535a9cb2afd
7fb4441cfe067923a725b2b8aa5e667e746f079436cb8c222580ec69be5f17c9
7fe4ab1137ea5c75615726f2ec8f822005c7e12e60076edf48c254b4eb15d4bd
81bfb65ae019c2050d29ef9ef75c45aa9ae927f2cd84089011921f1b6cbf0ad7
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96
8ab6c1a8bf4787195bdd1e1bcfe3a10d8e379771b381542408991408b79d5d22
8c5e7d421e881c601dd0cfdfb81fd33779c1702b294f0bf4c23af53d53cdaf25
8cc9892866eb5c103d501a76b6819549434740b6e037737c02cf1be5324453a6
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
91522595c9c178e6994c425bdcd1b83e50b9e9e74a163f3d48ed203378d4fa71
974f00f2ba9536640e327504dfe5dfd8915a3cdb38f400a1d0589d64942dffa6
9857f9cb3840422ac773fdfd321d74adf07db0e5c9e066ad2cb995003dffa6b6
98726f9632fa3f6359c2d118f2061241729bcfc9a98563ccb6cf87444d32bd88
99b7da39de1e521b682ec5f14f68db0cac4e8eea5762020c50e91258abd6cb24
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2938feaa84279ccff232c9a6c2d8428ee5ea1f79df46a00d2c78bce994dab21
a5cd29910dcd0c3d0b12da688ddcbbe26db5c062539b946c17cea056dc2bc5c5
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
af81bfa4928593ad5b7eb52628105fe2b1d7a2f2fc99a473b8e54f506738af31
b2615d9eb837ebe673262187b673bc528e9853f2788c6100c212bdcd8e621b22
b7c4d837c461c799d39dbdcd46eb2f681ac9d99f163d1a83f316ea23b562ab9e
bd378a9e5ae16cce6c3ba34f158c2a71ec76eeb6dfd5c243e680db9b1cedcdbc
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdfe364cd8bda6d9d2dba385c70d758d7b7317c455e333e3b1de7812ffd0fe6d
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c92d5220e5aa709ef134eb87ed7c7a65bbe2579d90b2b193a966971a1ca933c9
c9ee01ee8903499cb90168df3d5de82fdcf4660511aa12e06207bca6ccfdf064
cf68294de586dcfa8ea0c94448b83f6f3b4a729c56729f39685cd64e1633f59b
d287da709652059aee8af366398fb5597fa3bf2e9cbe53b7c8ffe3da44f19ff8
d3c566dad9b3d3fea38947935c14699bc87b186d041334ed3b448152556d6022
e29826c93d3c98de2df5b31384c9057c7a908589c488fd088334467683e39333
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ce60d6a858f56e9fc35ea5a0a7bd47c098f8ae51789ab2a46857bc4f8c42e2
ec461c4afe763b01ef19d7b5792f6153cb4d8220a6118a1552a6a370e3170db2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f268612ba59ead1b24353bb77d66783bcc435aff1c22be5f93c40bac3869968e
f48f3bbe902b3f7ad23789398e0139c51fcdc7b6d7aa2ff04c0e8011b9a0ab7d
fc75041a4de5f5cecd9ca4b7f8bb72ff649c9bcbdede4bc4eea48bbfa7187c97
ff6377c5173c4ee30318481c90cb7cc19987f2f5304871236266df11b0f48696