recoveryresources.world Open in urlscan Pro
104.197.101.206  Public Scan

3 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response recoveryresources.world/	90 KB 15 KB	753ms 260ms	Document text/html	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / WP Engine Resource Hash af09e701584a3608d1524d6d34755d55bb2b5101b44f9a4414c433807fcba626 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control max-age=600, must-revalidate content-encoding br content-type text/html; charset=UTF-8 date Sun, 26 Feb 2023 23:27:43 GMT link <https://recoveryresources.world/wp-json/>; rel="https://api.w.org/" <https://recoveryresources.world/wp-json/wp/v2/pages/3043>; rel="alternate"; type="application/json" <https://recoveryresources.world/>; rel=shortlink server nginx vary Accept-Encoding Accept-Encoding Accept-Encoding Accept-Encoding,Cookie x-cache HIT: 9 x-cache-group normal x-cacheable SHORT x-powered-by WP Engine
GET H2	200	style.min.css recoveryresources.world/wp-includes/css/dist/block-library/	93 KB 13 KB	165ms 163ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Fri, 11 Nov 2022 14:56:45 GMT server nginx etag W/"636e62ad-172a9" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	classic-themes.min.css recoveryresources.world/wp-includes/css/	217 B 366 B	219ms 217ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-includes/css/classic-themes.min.css?ver=1 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Tue, 25 Oct 2022 13:45:16 GMT server nginx etag W/"6357e86c-d9" vary Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	global.min.css recoveryresources.world/wp-content/themes/kadence/assets/css/	19 KB 5 KB	268ms 266ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.31 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Tue, 20 Dec 2022 18:26:06 GMT server nginx etag W/"63a1fe3e-4bb7" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	header.min.css recoveryresources.world/wp-content/themes/kadence/assets/css/	27 KB 5 KB	180ms 177ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.31 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Tue, 20 Dec 2022 18:26:06 GMT server nginx etag W/"63a1fe3e-6c84" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	content.min.css recoveryresources.world/wp-content/themes/kadence/assets/css/	32 KB 6 KB	217ms 215ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.31 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Tue, 20 Dec 2022 18:26:06 GMT server nginx etag W/"63a1fe3e-7fcd" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	footer.min.css recoveryresources.world/wp-content/themes/kadence/assets/css/	18 KB 2 KB	202ms 200ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.31 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Tue, 20 Dec 2022 18:26:06 GMT server nginx etag W/"63a1fe3e-49c0" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	row.style.build.css recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/	35 KB 4 KB	194ms 192ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/row.style.build.css?ver=2.4.22 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash befab798297c137e96ff18b91a3d4e5dcc2ef46d6ebc418b710e07a5126f0376 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Wed, 23 Nov 2022 22:31:46 GMT server nginx etag W/"637e9f52-8d0b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	column.style.build.css recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/	1 KB 721 B	225ms 223ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/column.style.build.css?ver=2.4.22 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 85f408ff7768f84574fa9fab8baa9ec9fe43e22567e2be72daf4d13c346ddd8a Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Wed, 23 Nov 2022 22:31:46 GMT server nginx etag W/"637e9f52-5b8" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	btn.style.build.css recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/	3 KB 1 KB	203ms 201ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/btn.style.build.css?ver=2.4.22 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 868d2211cbe5decb3fdc3a506b0c6eaa9a294ec563e688e65a210f16ef9dafc0 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Wed, 23 Nov 2022 22:31:46 GMT server nginx etag W/"637e9f52-d3d" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	spacer.style.build.css recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/	3 KB 700 B	195ms 193ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/spacer.style.build.css?ver=2.4.22 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash c327115dbf512e58355f4285975bfbdd5215da60d3c6bd4a6820924d5964c3ad Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Wed, 23 Nov 2022 22:31:46 GMT server nginx etag W/"637e9f52-b31" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	testimonials.style.build.css recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/	12 KB 2 KB	271ms 270ms	Stylesheet text/css	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/plugins/kadence-blocks/dist/blocks/testimonials.style.build.css?ver=2.4.22 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 832fb08bcb79118a0d2eb43224793fb0bd6c2c5ed66eddc2dfc3294416b7bc74 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Wed, 23 Nov 2022 22:31:46 GMT server nginx etag W/"637e9f52-2e5b" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type text/css access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	js Show response www.googletagmanager.com/gtag/	219 KB 77 KB	151ms 58ms	Script application/javascript	2a00:1450:400d:804::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-1CYWK4XFZR&ver=6.1.1 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 6051d8e556989b348e2f50f99d37a923234ffa5168c3c33536aa4258a93abe24 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 78497 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Sun, 26 Feb 2023 23:27:43 GMT
GET H2	200	css fonts.googleapis.com/	10 KB 1 KB	122ms 47ms	Stylesheet text/css	2a00:1450:400d:80c::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Lato:300,700,600,500,regular%7CJosefin%20Sans:700,600,regular,300%7CMontserrat:800,200&subset=latin&display=swap Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 0916d3c84b130e92a9d0e08d4fc89f97ed3c0c68141242a181362a038029ff46 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 26 Feb 2023 23:27:43 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 26 Feb 2023 23:27:43 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 26 Feb 2023 23:27:43 GMT
GET H2	200	cropped-WOCRR-Logo-1.jpg recoveryresources.world/wp-content/uploads/2021/11/	99 KB 99 KB	151ms 151ms	Image image/jpeg	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://recoveryresources.world/wp-content/uploads/2021/11/cropped-WOCRR-Logo-1.jpg Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash ec1a915e67aeee233cd5c2bf1baa3f7084e5bc1db4cdf6a6f1bfccf9d14f3813 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT last-modified Sat, 27 Nov 2021 23:30:48 GMT server nginx etag "61a2bfa8-18c44" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 101444
GET H2	200	WOCRR-Logo-Square.jpg recoveryresources.world/wp-content/uploads/2021/11/	214 KB 215 KB	261ms 261ms	Image image/jpeg	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://recoveryresources.world/wp-content/uploads/2021/11/WOCRR-Logo-Square.jpg Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 1f29dd52370b9f6c311624a2d1a25ab245af84b05d455bda741d8ce409e279fb Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT last-modified Sat, 27 Nov 2021 20:18:17 GMT server nginx etag "61a29289-35928" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 219432
GET H2	200	navigation.min.js Show response recoveryresources.world/wp-content/themes/kadence/assets/js/	21 KB 6 KB	274ms 273ms	Script application/javascript	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Tue, 20 Dec 2022 18:26:06 GMT server nginx etag W/"63a1fe3e-543e" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
GET H2	200	wp-emoji-release.min.js Show response recoveryresources.world/wp-includes/js/	18 KB 5 KB	275ms 275ms	Script application/javascript	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://recoveryresources.world/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT content-encoding br last-modified Tue, 12 Apr 2022 05:56:23 GMT server nginx etag W/"62551487-48b9" vary Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding content-type application/javascript access-control-allow-origin * cache-control public, max-age=31536000
POST H2	204	collect region1.google-analytics.com/g/	0 259 B	36ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-1CYWK4XFZR&gtm=45je32m0&_p=1339153376&cid=1067046295.1677454064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677454063&sct=1&seg=0&dl=https%3A%2F%2Frecoveryresources.world%2F&dt=Way%20of%20Compassion%20Foundation%20Recovery%20Resources%20%E2%80%93%20Everyone%20deserves%20recovery!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.anonymize_ip=true Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1CYWK4XFZR&ver=6.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Sun, 26 Feb 2023 23:27:43 GMT server Golfe2 content-type text/plain access-control-allow-origin https://recoveryresources.world cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	S6u9w4BMUTPHh7USSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	113ms 23ms	Font font/woff2	2a00:1450:400d:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,700,600,500,regular%7CJosefin%20Sans:700,600,regular,300%7CMontserrat:800,200&subset=latin&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://recoveryresources.world accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 22:49:18 GMT x-content-type-options nosniff age 261505 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23236 x-xss-protection 0 last-modified Tue, 26 Apr 2022 16:04:12 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 22:49:18 GMT
GET H2	200	Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 fonts.gstatic.com/s/josefinsans/v25/	26 KB 26 KB	147ms 58ms	Font font/woff2	2a00:1450:400d:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/josefinsans/v25/Qw3aZQNVED7rKGKxtqIqX5EUDXx4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,700,600,500,regular%7CJosefin%20Sans:700,600,regular,300%7CMontserrat:800,200&subset=latin&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://recoveryresources.world accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 20:22:44 GMT x-content-type-options nosniff age 270299 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 26592 x-xss-protection 0 last-modified Mon, 11 Jul 2022 20:56:22 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 20:22:44 GMT
GET H2	200	pexels-jonathan-petersson-1237119.jpg recoveryresources.world/wp-content/uploads/2021/11/	749 KB 750 KB	259ms 259ms	Image image/jpeg	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://recoveryresources.world/wp-content/uploads/2021/11/pexels-jonathan-petersson-1237119.jpg Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 9aa7b5881520bb90f1af7d485a37143e77d1b18c73d4c37603cc3c9fad0cc9fa Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT last-modified Sat, 27 Nov 2021 23:20:16 GMT server nginx etag "61a2bd30-bb570" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 767344
GET H2	200	adrianna-geo-Z5ZdkWjMTCY-unsplash.jpg recoveryresources.world/wp-content/uploads/2022/02/	317 KB 317 KB	260ms 259ms	Image image/jpeg	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://recoveryresources.world/wp-content/uploads/2022/02/adrianna-geo-Z5ZdkWjMTCY-unsplash.jpg Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 19fd28866bde783a54021556c93175f8248870dfdba40d643c2f41ef4f49325c Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT last-modified Mon, 28 Feb 2022 17:00:42 GMT server nginx etag "621cffba-4f3ac" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 324524
GET H2	200	JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 fonts.gstatic.com/s/montserrat/v25/	30 KB 30 KB	120ms 43ms	Font font/woff2	2a00:1450:400d:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,700,600,500,regular%7CJosefin%20Sans:700,600,regular,300%7CMontserrat:800,200&subset=latin&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://recoveryresources.world accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Tue, 21 Feb 2023 20:35:57 GMT x-content-type-options nosniff age 442306 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30928 x-xss-protection 0 last-modified Mon, 11 Jul 2022 18:57:39 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Wed, 21 Feb 2024 20:35:57 GMT
GET H2	200	S6u9w4BMUTPHh6UVSwiPGQ.woff2 fonts.gstatic.com/s/lato/v23/	23 KB 23 KB	144ms 68ms	Font font/woff2	2a00:1450:400d:806::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Lato:300,700,600,500,regular%7CJosefin%20Sans:700,600,regular,300%7CMontserrat:800,200&subset=latin&display=swap Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://recoveryresources.world accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Thu, 23 Feb 2023 12:23:04 GMT x-content-type-options nosniff age 299079 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 23040 x-xss-protection 0 last-modified Tue, 26 Apr 2022 15:56:42 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 23 Feb 2024 12:23:04 GMT
GET H2	200	pexels-kampus-production-5935244-1024x682.jpg recoveryresources.world/wp-content/uploads/2021/11/	95 KB 95 KB	249ms 248ms	Image image/jpeg	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://recoveryresources.world/wp-content/uploads/2021/11/pexels-kampus-production-5935244-1024x682.jpg Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash 342cdf33b7ae5ea712bba4d44b230bd5e2768c0f9dff1d746d7c90a21b3a091d Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT last-modified Sun, 28 Nov 2021 00:06:14 GMT server nginx etag "61a2c7f6-17b6e" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 97134
GET H2	200	pexels-josh-hild-4256852-1024x682.jpg recoveryresources.world/wp-content/uploads/2021/11/	54 KB 55 KB	250ms 250ms	Image image/jpeg	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://recoveryresources.world/wp-content/uploads/2021/11/pexels-josh-hild-4256852-1024x682.jpg Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash f95c7d5d2047d607f404d276f6959c83990dbc0c6e58676abc1884b857e78008 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT last-modified Sat, 27 Nov 2021 22:40:56 GMT server nginx etag "61a2b3f8-d9d6" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 55766
GET H2	200	pexels-engin-akyurt-2952871-1024x682.jpg recoveryresources.world/wp-content/uploads/2021/11/	78 KB 79 KB	251ms 251ms	Image image/jpeg	104.197.101.206 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://recoveryresources.world/wp-content/uploads/2021/11/pexels-engin-akyurt-2952871-1024x682.jpg Requested by Host: recoveryresources.world URL: https://recoveryresources.world/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 104.197.101.206 Council Bluffs, United States, ASN15169 (GOOGLE, US), Reverse DNS 206.101.197.104.bc.googleusercontent.com Software nginx / Resource Hash e92a1b9c37c924183605cf54d58e33be73b468381fc5b3039efbfa4ebb5f54e9 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers date Sun, 26 Feb 2023 23:27:43 GMT last-modified Sun, 28 Nov 2021 00:05:46 GMT server nginx etag "61a2c7da-13932" vary Accept-Encoding content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes content-length 80178
POST H2	204	collect region1.google-analytics.com/g/	0 54 B	14ms 14ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-1CYWK4XFZR&gtm=45je32m0&_p=1339153376&cid=1067046295.1677454064&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1677454063&sct=1&seg=0&dl=https%3A%2F%2Frecoveryresources.world%2F&dt=Way%20of%20Compassion%20Foundation%20Recovery%20Resources%20%E2%80%93%20Everyone%20deserves%20recovery!&en=scroll&ep.anonymize_ip=true&epn.percent_scrolled=90&_et=15 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-1CYWK4XFZR&ver=6.1.1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://recoveryresources.world/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36 Response headers pragma no-cache date Sun, 26 Feb 2023 23:27:48 GMT server Golfe2 content-type text/plain access-control-allow-origin https://recoveryresources.world cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| _wpemojiSettings object| google_tag_manager object| google_tag_data object| dataLayer function| shouldTrack function| hasWKGoogleAnalyticsCookie function| gtag function| onYouTubeIframeAPIReady object| gaGlobal object| kadenceConfig object| kadence object| twemoji object| wp

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.recoveryresources.world/	1970-01-20 19:33:34	Name: _ga Value: GA1.1.1067046295.1677454064
			.recoveryresources.world/	1970-01-20 19:33:34	Name: _ga_1CYWK4XFZR Value: GS1.1.1677454063.1.0.1677454063.0.0.0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
recoveryresources.world
region1.google-analytics.com
www.googletagmanager.com
104.197.101.206
2001:4860:4802:34::36
2a00:1450:400d:804::2008
2a00:1450:400d:806::2003
2a00:1450:400d:80c::200a
0916d3c84b130e92a9d0e08d4fc89f97ed3c0c68141242a181362a038029ff46
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
19fd28866bde783a54021556c93175f8248870dfdba40d643c2f41ef4f49325c
1f29dd52370b9f6c311624a2d1a25ab245af84b05d455bda741d8ce409e279fb
342cdf33b7ae5ea712bba4d44b230bd5e2768c0f9dff1d746d7c90a21b3a091d
3701f4ae604d8fccb4ddca393e076a456aebfb06c1a9d94c1c13089293f55716
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
6051d8e556989b348e2f50f99d37a923234ffa5168c3c33536aa4258a93abe24
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
832fb08bcb79118a0d2eb43224793fb0bd6c2c5ed66eddc2dfc3294416b7bc74
85f408ff7768f84574fa9fab8baa9ec9fe43e22567e2be72daf4d13c346ddd8a
868d2211cbe5decb3fdc3a506b0c6eaa9a294ec563e688e65a210f16ef9dafc0
9aa7b5881520bb90f1af7d485a37143e77d1b18c73d4c37603cc3c9fad0cc9fa
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
af09e701584a3608d1524d6d34755d55bb2b5101b44f9a4414c433807fcba626
befab798297c137e96ff18b91a3d4e5dcc2ef46d6ebc418b710e07a5126f0376
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c327115dbf512e58355f4285975bfbdd5215da60d3c6bd4a6820924d5964c3ad
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
dcc19958809bc3db2abb40ba313906fe1bfa2c235357f39da400709e9c79c1e7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e92a1b9c37c924183605cf54d58e33be73b468381fc5b3039efbfa4ebb5f54e9
ec1a915e67aeee233cd5c2bf1baa3f7084e5bc1db4cdf6a6f1bfccf9d14f3813
f008162fa330a82dceb974a8e4e0ab2bfdeef1e3c2a417a0a517ccbfe4674505
f95c7d5d2047d607f404d276f6959c83990dbc0c6e58676abc1884b857e78008