urlscan.io logo urlscan.io
SecurityTrails logo

haitirecoverydevelopment.com Open in urlscan Pro
50.63.7.168  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.thehaitianrenaissance.com/
Effective URL: https://haitirecoverydevelopment.com/blog/
Submission: On July 18 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 50.63.7.168, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is haitirecoverydevelopment.com.
TLS certificate: Issued by boinks.com on June 27th 2021. Valid for: a year.
This is the only time haitirecoverydevelopment.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.33.251.168 16509 (AMAZON-02)
18 50.63.7.168 26496 (AS-26496-...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
27 5
1    3.33.251.168 (United States)

ASN16509 (AMAZON-02, US)
PTR: aec037177372cc6cd.awsglobalaccelerator.com
www.thehaitianrenaissance.com
18    50.63.7.168 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 168.7.63.50.host.secureserver.net
haitirecoverydevelopment.com
cozycrophouse.biz
1    2a00:1450:4001:810::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
apis.google.com
1    2a00:1450:400c:c09::54 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
accounts.google.com
Apex Domain
Subdomains		 Transfer
16 cozycrophouse.biz
cozycrophouse.biz
77 KB
4 google.com
apis.google.com — Cisco Umbrella Rank: 225
accounts.google.com — Cisco Umbrella Rank: 46
113 KB
2 haitirecoverydevelopment.com
haitirecoverydevelopment.com
14 KB
1 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 951
17 KB
1 thehaitianrenaissance.com
www.thehaitianrenaissance.com
329 B
0 boinks.com Failed
www.boinks.com Failed
27 6
Domain Requested by
16 cozycrophouse.biz haitirecoverydevelopment.com
cozycrophouse.biz
3 apis.google.com haitirecoverydevelopment.com
apis.google.com
2 haitirecoverydevelopment.com haitirecoverydevelopment.com
1 accounts.google.com apis.google.com
1 ssl.google-analytics.com haitirecoverydevelopment.com
1 www.thehaitianrenaissance.com 1 redirects
0 www.boinks.com Failed haitirecoverydevelopment.com
27 7

This site contains links to these domains. Also see Links.

Domain
www.boinks.com
www.shop.boinks.com
Subject Issuer Validity Valid
boinks.com
boinks.com		 2021-06-27 -
2022-06-27		 a year crt.sh
*.google-analytics.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
*.apis.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh
accounts.google.com
WR2		 2024-06-24 -
2024-09-16		 3 months crt.sh

This page contains 3 frames:

Primary Page: https://haitirecoverydevelopment.com/blog/
Frame ID: 2A176EB11C1A6F43C20BF8B1E5D4BBBC
Requests: 25 HTTP requests in this frame

Frame: https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=small&annotation=inline&width=300&origin=https%3A%2F%2Fhaitirecoverydevelopment.com&url=https%3A%2F%2Fhaitirecoverydevelopment.com%2Fblog%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Frame ID: 9B3E3996E528B9627BE68545CFC6F51B
Requests: 1 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fhaitirecoverydevelopment.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Frame ID: 2CFA6D9111DE25F986D09A070D145324
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Nothing found for Blog

Page URL History Show full URLs

  1. https://www.thehaitianrenaissance.com/ HTTP 301
    http://haitirecoverydevelopment.com/blog/ HTTP 307
    https://haitirecoverydevelopment.com/blog/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <iframe[^>]*accounts\.google\.com/o/oauth2
Overall confidence: 100%
Detected patterns
  • <!-- All in One SEO Pack ([\d.]+)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

19 %
HTTPS

60 %
IPv6

6
Domains

7
Subdomains

5
IPs

3
Countries

221 kB
Transfer

579 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.thehaitianrenaissance.com/ HTTP 301
    http://haitirecoverydevelopment.com/blog/ HTTP 307
    https://haitirecoverydevelopment.com/blog/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
haitirecoverydevelopment.com/blog/
Redirect Chain
  • https://www.thehaitianrenaissance.com/
  • http://haitirecoverydevelopment.com/blog/
  • https://haitirecoverydevelopment.com/blog/
11 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
9f75f4e4ac598b4618bd8b5241b92ff7f8ab68df1b705969c2225a718542d02b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, must-revalidate, max-age=0
content-encoding
br
content-length
2726
content-type
text/html; charset=UTF-8
date
Thu, 18 Jul 2024 12:33:29 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
last-modified
Thu, 18 Jul 2024 12:33:29 GMT
pragma
no-cache
server
Apache
vary
Accept-Encoding
x-pingback
https://cozycrophouse.biz/website/xmlrpc.php

Redirect headers

Location
https://haitirecoverydevelopment.com/blog/
Non-Authoritative-Reason
HttpsUpgrades
style.css
cozycrophouse.biz/website/wp-content/themes/boinks/ 		23 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
9d03ff516bb45ad13b5ccd22e0b714b9167993a42391cf855984df3df01eaee8

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:29 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:57:45 GMT
server
Apache
etag
"3e817c4-5a63-5c5b836a52440-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5369
youtube-shortcode.css
cozycrophouse.biz/website/wp-content/plugins/youtube-shortcode/ 		1 KB
480 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-content/plugins/youtube-shortcode/youtube-shortcode.css?ver=3.1
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
5d6078edf0103c72f5583f76ae5b32637240e648a2a38a093bd16423c658ba28

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:29 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:57:44 GMT
server
Apache
etag
"3e612ec-50b-5c5b83695e200-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
398
styles.css
cozycrophouse.biz/website/wp-content/plugins/contact-form-7/ 		887 B
476 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-content/plugins/contact-form-7/styles.css?ver=2.4.5
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
f2525c48e9a4fb8211e53a9a1c6f42f9caae00d4c673f350159c086c440397cb

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:29 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:57:31 GMT
server
Apache
etag
"37c096f-377-5c5b835cf84c0-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
336
l10n.js
cozycrophouse.biz/website/wp-includes/js/ 		308 B
261 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-includes/js/l10n.js?ver=20101110
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
1ba66173d4190b0bf03a803e28101feefea6db94265794bca3a76fc387b4e402

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:29 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:58:14 GMT
server
Apache
etag
"4461df7-134-5c5b8385fa580-br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
168
jquery.js
cozycrophouse.biz/website/wp-includes/js/jquery/ 		77 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-includes/js/jquery/jquery.js?ver=1.4.4
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
1bf10580ff7342ee23baafad43b29b679ad1c0d0b34d328f73c72fdacfa8f70b

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:29 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:58:15 GMT
server
Apache
etag
"4461de0-1331c-5c5b8386ee7c0-br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
26331
boinks-logo.png
cozycrophouse.biz/website/wp-content/themes/boinks/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/images/boinks-logo.png
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
1b5a1390cd848f9d87ec694ceb01ba064be7c3ff5758d9f545bd1eb1c937b1f4

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:29 GMT
last-modified
Sun, 27 Jun 2021 04:57:45 GMT
server
Apache
accept-ranges
bytes
etag
"3ea3dc3-3995-5c5b836a52440"
content-length
14741
content-type
image/png
boinks-let-the-fun-get-out-of-hand.png
cozycrophouse.biz/website/wp-content/themes/boinks/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/images/boinks-let-the-fun-get-out-of-hand.png
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
413a66215f09665b1f24316a6d069190842b2048249119c50ce1a96be4607165

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:30 GMT
last-modified
Sun, 27 Jun 2021 04:57:45 GMT
server
Apache
accept-ranges
bytes
etag
"3ea3dc0-18c8-5c5b836a52440"
content-length
6344
content-type
image/png
thickbox.js
cozycrophouse.biz/website/wp-includes/js/thickbox/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-includes/js/thickbox/thickbox.js?ver=3.1-20100407
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
fc946c0f42cbab43403571f4f9255768ccdd1df5508ce998e49ec57d5c1620ab

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:29 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:58:15 GMT
server
Apache
etag
"4461e14-3004-5c5b8386ee7c0-br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
3706
jquery.form.js
cozycrophouse.biz/website/wp-content/plugins/contact-form-7/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-content/plugins/contact-form-7/jquery.form.js?ver=2.52
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
c0d1b8ae7bdaff8c6a4d1bc6011f81258c5a25c92092cc4765cf3879bd387a15

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:30 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:57:31 GMT
server
Apache
etag
"37c0968-5e58-5c5b835cf84c0-br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
7899
scripts.js
cozycrophouse.biz/website/wp-content/plugins/contact-form-7/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.5
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
e0d57ad0be444ba38c6889347a07571d422b93abbdb023666e83bda013235064

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:30 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:57:31 GMT
server
Apache
etag
"37c096c-15e5-5c5b835cf84c0-br"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
1442
style.css
cozycrophouse.biz/website/wp-content/themes/twentyten/ 		22 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-content/themes/twentyten/style.css
Requested by
Host: cozycrophouse.biz
URL: https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
4361d357f4e7d04fd8ad050cdcd7dbc5ed4fb26eeb8d688b989b4f1758463f71

Request headers

Referer
https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:29 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:58:11 GMT
server
Apache
etag
"4441fdd-5921-5c5b83831dec0-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
5373
webfontstyle.css
cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/ 		3 KB
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/webfontstyle.css
Requested by
Host: cozycrophouse.biz
URL: https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
e4708dcbea3d4292dda30e56a37124b035b99747a910b45590f514b96f548950

Request headers

Referer
https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:29 GMT
content-encoding
br
last-modified
Sun, 27 Jun 2021 04:58:10 GMT
server
Apache
etag
"4441fb1-cb9-5c5b838229c80-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
471
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Jul 2024 11:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2313
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Thu, 18 Jul 2024 13:54:57 GMT
plusone.js
apis.google.com/js/ 		55 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/plusone.js
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eca80c3706da9400cb69a6ae6331511b4a5ca8d2eca548f2f3caaef72e2025f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Thu, 18 Jul 2024 12:33:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21606
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"7ee0559fc057cf4f"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 18 Jul 2024 12:33:30 GMT
background3.jpg
www.boinks.com/website/wp-content/themes/boinks/uploads/ 		0
0
topnav-right-corner.png
cozycrophouse.biz/website/wp-content/themes/boinks/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/images/topnav-right-corner.png
Requested by
Host: cozycrophouse.biz
URL: https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
ec7cb0180f0a1d82e716b9f9348243207e682ba962ea4cec31e2a24bf392e4e3

Request headers

Referer
https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:30 GMT
last-modified
Sun, 27 Jun 2021 04:57:45 GMT
server
Apache
accept-ranges
bytes
etag
"3ea3de1-438-5c5b836a52440"
content-length
1080
content-type
image/png
topnav-middle.gif
cozycrophouse.biz/website/wp-content/themes/boinks/images/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/images/topnav-middle.gif
Requested by
Host: cozycrophouse.biz
URL: https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
bd6a4879416d6c1b1b24990c13f1ae98fe1d9ea4d689e227bedd787074f0fd31

Request headers

Referer
https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:30 GMT
last-modified
Sun, 27 Jun 2021 04:57:45 GMT
server
Apache
accept-ranges
bytes
etag
"3ea3ddf-9f2-5c5b836a52440"
content-length
2546
content-type
image/gif
website-background.gif
cozycrophouse.biz/website/wp-content/themes/boinks/images/ 		156 B
209 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/images/website-background.gif
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
ee10f353a17924c62eb8fd73adf46bbe256395baf4b554aeccabff4166f7ba41

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:30 GMT
last-modified
Sun, 27 Jun 2021 04:57:45 GMT
server
Apache
accept-ranges
bytes
etag
"3ea3de4-9c-5c5b836a52440"
content-length
156
content-type
image/gif
website-background-bottom.png
cozycrophouse.biz/website/wp-content/themes/boinks/images/ 		845 B
899 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/images/website-background-bottom.png
Requested by
Host: cozycrophouse.biz
URL: https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
d6b3d0d210b9b17306dee01c96f24b1d02ab396eea0e0e7ba48830217d40c633

Request headers

Referer
https://cozycrophouse.biz/website/wp-content/themes/boinks/style.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Thu, 18 Jul 2024 12:33:30 GMT
last-modified
Sun, 27 Jun 2021 04:57:45 GMT
server
Apache
accept-ranges
bytes
etag
"3ea3de3-34d-5c5b836a52440"
content-length
845
content-type
image/png
Amaranth-webfont.woff
cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/ 		0
0
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/ 		162 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e2e4efdaa0c7265e4e5ac2690150863d84c984b3fb3143a18a003153835d2ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Tue, 16 Jul 2024 09:32:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183684
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57485
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 15:21:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 16 Jul 2025 09:32:06 GMT
cb=gapi.loaded_1
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/ 		101 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_1?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/plusone.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8d84109a20308cb59864b13fdc4f3c091f96975e4e19919a90fcf35faf3e7157
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haitirecoverydevelopment.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 15 Jul 2024 17:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
240041
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35536
x-xss-protection
0
last-modified
Thu, 06 Jun 2024 15:21:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Tue, 15 Jul 2025 17:52:49 GMT
fastbutton
apis.google.com/u/0/se/0/_/+1/ Frame 9B3E 		0
0
loadingAnimation.gif
haitirecoverydevelopment.com/wp-includes/js/thickbox/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://haitirecoverydevelopment.com/wp-includes/js/thickbox/loadingAnimation.gif
Requested by
Host: haitirecoverydevelopment.com
URL: https://haitirecoverydevelopment.com/blog/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
50.63.7.168 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
168.7.63.50.host.secureserver.net
Software
Apache /
Resource Hash
a03a2dc1b40909b40b246216084f2d0bad8b5a413a2e3df66816b4c590ac709d

Request headers

Referer
https://haitirecoverydevelopment.com/blog/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 18 Jul 2024 12:33:30 GMT
content-encoding
br
last-modified
Thu, 18 Jul 2024 12:33:30 GMT
server
Apache
x-pingback
https://cozycrophouse.biz/website/xmlrpc.php
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-cache, must-revalidate, max-age=0
content-length
2751
expires
Wed, 11 Jan 1984 05:00:00 GMT
postmessageRelay
accounts.google.com/o/oauth2/ Frame 2CFA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/postmessageRelay?parent=https%3A%2F%2Fhaitirecoverydevelopment.com&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.yt0ljKjs5rs.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=AAAQ/rs=AHpOoo_yzulJpTEe99NXWvLUgho342xMuA/cb=gapi.loaded_1?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::54 Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-9eAfgUyISiyOCRGVfulsow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://haitirecoverydevelopment.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /o/cspreport script-src 'report-sample' 'nonce-9eAfgUyISiyOCRGVfulsow' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-type
text/html; charset=utf-8
cross-origin-resource-policy
same-site
date
Thu, 18 Jul 2024 12:33:30 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
Amaranth-webfont.ttf
cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.boinks.com
URL
https://www.boinks.com/website/wp-content/themes/boinks/uploads/background3.jpg
Domain
cozycrophouse.biz
URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/Amaranth-webfont.woff
Domain
apis.google.com
URL
https://apis.google.com/u/0/se/0/_/+1/fastbutton?usegapi=1&size=small&annotation=inline&width=300&origin=https%3A%2F%2Fhaitirecoverydevelopment.com&url=https%3A%2F%2Fhaitirecoverydevelopment.com%2Fblog%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.yt0ljKjs5rs.O%2Fam%3DAAAQ%2Fd%3D1%2Frs%3DAHpOoo_yzulJpTEe99NXWvLUgho342xMuA%2Fm%3D__features__
Domain
cozycrophouse.biz
URL
https://cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/Amaranth-webfont.ttf

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| _gaq function| convertEntities function| jQuery object| thickboxL10n string| tb_pathToImage string| tb_closeImage function| tb_init function| tb_click function| tb_show function| tb_showIframe function| tb_remove function| tb_position function| tb_parseQuery function| tb_getPageSize function| tb_detectMacXFF object| _gat object| gapi object| ___jsl object| imgLoader object| _wpcf7 object| _F_toggles object| osapi object| gadgets object| iframer object| __gapi_jstiming__ object| shindig function| ToolbarApi object| iframes function| IframeBase function| Iframe function| IframeProxy function| IframeWindow

0 Cookies

8 Console Messages

Source Level URL
Text
network error URL: https://haitirecoverydevelopment.com/blog/
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://haitirecoverydevelopment.com/blog/
Message:
Mixed Content: The page at 'https://haitirecoverydevelopment.com/blog/' was loaded over HTTPS, but requested an insecure element 'http://www.boinks.com/website/wp-content/themes/boinks/uploads/background3.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security error URL: https://apis.google.com/js/plusone.js(Line 63)
Message:
Mixed Content: The page at 'https://haitirecoverydevelopment.com/blog/' was loaded over HTTPS, but requested an insecure frame 'http://developers.google.com/#_methods=onPlusOne%2C_ready%2C_close%2C_open%2C_resizeMe%2C_renderstart%2Concircled%2Cdrefresh%2Cerefresh%2Conload&id=I0_1721306010418&_gfid=I0_1721306010418&parent=https%3A%2F%2Fhaitirecoverydevelopment.com&pfname=&rpctoken=95342462'. This request has been blocked; the content must be served over HTTPS.
network error URL: https://haitirecoverydevelopment.com/wp-includes/js/thickbox/loadingAnimation.gif
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://haitirecoverydevelopment.com/blog/
Message:
Access to font at 'https://cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/Amaranth-webfont.woff' from origin 'https://haitirecoverydevelopment.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/Amaranth-webfont.woff
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://haitirecoverydevelopment.com/blog/
Message:
Access to font at 'https://cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/Amaranth-webfont.ttf' from origin 'https://haitirecoverydevelopment.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cozycrophouse.biz/website/wp-content/themes/boinks/webfonts/Amaranth-webfont.ttf
Message:
Failed to load resource: net::ERR_FAILED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
apis.google.com
cozycrophouse.biz
haitirecoverydevelopment.com
ssl.google-analytics.com
www.boinks.com
www.thehaitianrenaissance.com
apis.google.com
cozycrophouse.biz
www.boinks.com
2a00:1450:4001:810::2008
2a00:1450:4001:813::200e
2a00:1450:400c:c09::54
3.33.251.168
50.63.7.168
0e2e4efdaa0c7265e4e5ac2690150863d84c984b3fb3143a18a003153835d2ac
0eca80c3706da9400cb69a6ae6331511b4a5ca8d2eca548f2f3caaef72e2025f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b5a1390cd848f9d87ec694ceb01ba064be7c3ff5758d9f545bd1eb1c937b1f4
1ba66173d4190b0bf03a803e28101feefea6db94265794bca3a76fc387b4e402
1bf10580ff7342ee23baafad43b29b679ad1c0d0b34d328f73c72fdacfa8f70b
413a66215f09665b1f24316a6d069190842b2048249119c50ce1a96be4607165
4361d357f4e7d04fd8ad050cdcd7dbc5ed4fb26eeb8d688b989b4f1758463f71
5d6078edf0103c72f5583f76ae5b32637240e648a2a38a093bd16423c658ba28
8d84109a20308cb59864b13fdc4f3c091f96975e4e19919a90fcf35faf3e7157
9d03ff516bb45ad13b5ccd22e0b714b9167993a42391cf855984df3df01eaee8
9f75f4e4ac598b4618bd8b5241b92ff7f8ab68df1b705969c2225a718542d02b
a03a2dc1b40909b40b246216084f2d0bad8b5a413a2e3df66816b4c590ac709d
bd6a4879416d6c1b1b24990c13f1ae98fe1d9ea4d689e227bedd787074f0fd31
c0d1b8ae7bdaff8c6a4d1bc6011f81258c5a25c92092cc4765cf3879bd387a15
d6b3d0d210b9b17306dee01c96f24b1d02ab396eea0e0e7ba48830217d40c633
e0d57ad0be444ba38c6889347a07571d422b93abbdb023666e83bda013235064
e4708dcbea3d4292dda30e56a37124b035b99747a910b45590f514b96f548950
ec7cb0180f0a1d82e716b9f9348243207e682ba962ea4cec31e2a24bf392e4e3
ee10f353a17924c62eb8fd73adf46bbe256395baf4b554aeccabff4166f7ba41
f2525c48e9a4fb8211e53a9a1c6f42f9caae00d4c673f350159c086c440397cb
fc946c0f42cbab43403571f4f9255768ccdd1df5508ce998e49ec57d5c1620ab