partners-ca.recoveryoutcomes.com Open in urlscan Pro
2606:4700:3033::6815:4889 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://partners-ca.recoveryoutcomes.com/
Effective URL:
https://partners-ca.recoveryoutcomes.com/account/auth/
Submission: On February 07 via automatic, source certstream-suspicious (February 7th 2023, 10:40:06 pm UTC) — Scanned from CA

Summary HTTP 27 Redirects Links 2 Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 3 IPs in 1 countries across 2 domains to perform 27 HTTP transactions. The main IP is 2606:4700:3033::6815:4889, located in United States and belongs to CLOUDFLARENET, US. The main domain is partners-ca.recoveryoutcomes.com.
TLS certificate: Issued by GTS CA 1P5 on January 12th 2023. Valid for: 3 months.

This is the only time partners-ca.recoveryoutcomes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
2 28	2606:4700:303... 2606:4700:3033::6815:4889		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:821::200a		15169 (GOOGLE) (GOOGLE)
27	3

28 2606:4700:3033::6815:4889 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

partners-ca.recoveryoutcomes.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:821::200a (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	recoveryoutcomes.com 2 redirects partners-ca.recoveryoutcomes.com	1 MB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	776 B
27	2

	Domain	Requested by
28	partners-ca.recoveryoutcomes.com	2 redirects partners-ca.recoveryoutcomes.com
1	fonts.googleapis.com	partners-ca.recoveryoutcomes.com
27	2

This site contains links to these domains. Also see Links.

Domain
www.google.com
support.myrecoveryplan.ca

Subject Issuer	Validity	Valid
*.recoveryoutcomes.com GTS CA 1P5	`2023-01-12` - `2023-04-12`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://partners-ca.recoveryoutcomes.com/account/auth/
Frame ID: 3B800D736D4268BBAB3407297AD07DB0
Requests: 25 HTTP requests in this frame

Frame: https://partners-ca.recoveryoutcomes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675800000
Frame ID: 4E9DD547E00DFECF457391F2406258A7
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Account

Page URL History Show full URLs

https://partners-ca.recoveryoutcomes.com/ HTTP 302
https://partners-ca.recoveryoutcomes.com/account/home/ HTTP 302
https://partners-ca.recoveryoutcomes.com/account/auth/ Page URL

Detected technologies

jQuery Sparklines (JavaScript Graphics) Expand

Overall confidence: 100%
Detected patterns

jquery\.sparkline.*\.js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Materialize CSS (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href="[^"]*materialize(?:\.min)?\.css
materialize(?:\.min)?\.js

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

100 %
HTTPS

100 %
IPv6

2
Domains

2
Subdomains

3
IPs

1
Countries

1268 kB
Transfer

3119 kB
Size

3
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.google.com/chrome
Title: link

Search URL Search Domain Scan URL

URL: https://support.myrecoveryplan.ca/portal/en/home
Title: Contact Support

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://partners-ca.recoveryoutcomes.com/ HTTP 302
https://partners-ca.recoveryoutcomes.com/account/home/ HTTP 302
https://partners-ca.recoveryoutcomes.com/account/auth/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request / Show response
partners-ca.recoveryoutcomes.com/account/auth/
Redirect Chain

https://partners-ca.recoveryoutcomes.com/
https://partners-ca.recoveryoutcomes.com/account/home/
https://partners-ca.recoveryoutcomes.com/account/auth/

16 KB
6 KB

78ms
78ms

Document
text/html

2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3a5f25e9c40e385a62e7a91c60f0c955cc4cebce7370874aa6ceadb754e51a61

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 795f9feb0c7015d7-EWR
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 22:39:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lWcI9zZmSzQXzYaVGcEJweruk1vF%2BWbe%2ByI%2B7JJgQzlXOisLghAZJrGqbuVvnCOvUL7%2BRkHpDRG%2Bo%2BNUKHBrS%2F6rHCXmXbclndk%2BTZTvsdxZs36L7PJs2qA2Y%2FfbtZ4FlFmm3XzdhpMtM8LJ7CrvpTOpdoa0i5T4jC74v1%2Foqw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 795f9feace8ec42c-EWR
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 22:39:59 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: /account/auth/
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=alRCnN2ZwCflZOUKXlXVBIlCrH64VR55y7h4peizqlewQXPY%2BvHS0IsNWWRY1r2KP5QU%2FUma0CWJD%2FofJJQ1JXIro%2FbRS%2FaI8BJGN1%2BsVtpuUG6u13aVc%2FtyFNXLnqtWFB4QdzVLhoFAewGhRYYYyT2ezt8I4wwsCUECdb0gag%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H3 200 animate.css
partners-ca.recoveryoutcomes.com/assets/css/ 23 KB
3 KB 74ms
72ms Stylesheet
text/css 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/css/animate.css
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5d28-5d80ca7f31c4b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0xMQH%2F7uemURxdWm0gVFXaEYTZozyejO0ZczalJBaTRQcmlDpYpUSWVA1Hm%2B1kpdkqztCLpe3B7smpdDccmN%2BasVwY2fQCk5R6%2BV12cxj%2BjtP4y4F6iNrjeRnJG9Dk48LH2pl9VqTEx95LtSgs7T9uA7fxNHelah59HdO%2BuyOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 795f9feb9d3815d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 materialize.css
partners-ca.recoveryoutcomes.com/assets/material/css/ 191 KB
32 KB 124ms
120ms Stylesheet
text/css 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/css/materialize.css
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a63e4dffafdd7c1ec660e9736ca35241308d6f1d7755d1b6989898bdff4c039b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2fc3f-5d80ca7fe5754-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sQf1xCuSFOtjsgHcRN9d4iXe9bpEzIq9S%2FOgbQcPuKJo5qGQ4O9bRQWZwyTtWiNG6wX3vH0%2BeIC%2BcSXYgUcmeav4Jl7RjReYBllCrHjV5hU%2BxizdP8Cr1QseTy4iQIa4Zz2H%2FkQxmPE3U1LwBVo53pQ9KEekjZ2EO4eAL3s2wQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 795f9feb9d3c15d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 icon
fonts.googleapis.com/ 569 B
776 B 90ms
38ms Stylesheet
text/css 2607:f8b0:4006:821::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200a Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 07 Feb 2023 22:39:59 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Feb 2023 22:39:59 GMT

GET
H3 200 login2.css
partners-ca.recoveryoutcomes.com/assets/css/ 393 B
721 B 91ms
89ms Stylesheet
text/css 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/css/login2.css
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 092f4cc3f2d5b0347b1a582479be1d500d70f4d75f61290b9df3d0fc7ffb5df2

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"189-5d80ca7f31c4b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbRM7Xnj8oZOy7st%2B4O8P3CLOmXe%2BxC8U%2B32itPgK7Vv2zf1UNkiVgbXecxBzyeztDgMHZIOjNrVTYKWyclOLWyDuQUaulRgvQog%2FQGISp1iwsrNzH5NnDxKJ5hwjkS%2F8kb8Hvikh1sEWhw2HtvaCDQVoogCxJjaXhmmLv1e%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 795f9feb9d3e15d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 custom.css
partners-ca.recoveryoutcomes.com/assets/material/css/custom/ 4 KB
2 KB 84ms
81ms Stylesheet
text/css 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/css/custom/custom.css
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2c906abe8e860ee1495710a52c44432ca82af853ee6dcd74cd2948b4245f9d9f

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 Feb 2023 03:28:47 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1197-5f413bedde011-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7CqVFtmm9AcBdnLVtW0tbxxLI5gxsRlcZG%2B03glwbAQvN%2BcBDgjsWSw8JwxIlSnw7kmgjTx7vPTOqBmETKi%2FObIkAaVUcLMIPmoIwMSXI8wwRXXK0KJuKGIWVGb0FyDAQHBLMYbV%2F%2BSs%2FZGVqaPQQx4jTQr17wpk9AtOJpnZOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cf-ray: 795f9feb9d4215d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery-3.3.1.min.js Show response
partners-ca.recoveryoutcomes.com/assets/js/ 85 KB
31 KB 144ms
142ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/js/jquery-3.3.1.min.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"1538f-5d80ca7f2800b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyiEpRvUl4NoLsS3eoCBX7HqZb2c9rkRVFjoevgE4rVeMu8KXoqIXTu3MPPsUA%2FGQp4LidgIxTMceFBj9G3eGWI0RF5D42CLk3ZkAapCJU1UPyEGkDhHkqUt7R30Szx5RmTReDMXMebe1rxdv50t%2BJe8LOZBJd8umKzywgOZsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9feb9d4415d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.cookie.js Show response
partners-ca.recoveryoutcomes.com/assets/js/ 3 KB
2 KB 80ms
77ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/js/jquery.cookie.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"c38-5d80ca7f28fab-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qCLX1172pCynTJ%2BMcTDuQSFWQwUofO0j%2BmT%2FV6uWpwO5oeNZTCLmqKNcic8vwbp630oNBd%2B7uXbl7sjKn8mo4mQnac0jekqXfrb0l5izVwsYyIXjnukMismPgxuUUa%2FYJ3z%2BHHqFubyqLCFOwNpldL6mo4VQSNkwvF2rtcuDzA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9feb9d4615d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 perfect-scrollbar.min.js Show response
partners-ca.recoveryoutcomes.com/assets/material/js/plugins/perfect-scrollbar/ 9 KB
4 KB 77ms
75ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/js/plugins/perfect-scrollbar/perfect-scrollbar.min.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: faa718cf215101a5fbd4d79ebe63bb7aed1d46c923f7b2565a4e7a7b92cc4b38

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"24ef-5d80ca7fde9f4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csBipDLbYWmppr%2Fmxwo67QCgws8rD1qdzIqiR8YxP%2FCSRwN%2FjOgPt9ITaI%2F%2FO4Oa%2BQcSyBesq0%2FRUAsSgG723WAZCEP5%2FRSTR0Xj1CXdijqkMiaKNPi2J5eCoD6D%2Fb7FfJtTVrtnxbwgke0TCDPKpbM4ffQQpQKfeGedS4WQxg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9feb9d4715d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 materialize.js Show response
partners-ca.recoveryoutcomes.com/assets/material/js/ 368 KB
88 KB 156ms
154ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/js/materialize.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4e3205dd9fdf4dd18292d8f2419f303cb8ac316bce0134fb081e44e1fd9a262

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5c0da-5d80ca7fc4412-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x6uF9lJQjBLZue5bu%2BoeZ18GsX%2BUvIIErH21VH%2FxqXkYg08wT9IWC%2BDhicX8x5eI%2FP2l8yyow5Lq9LOEHS72621AqvzXI955vS2YOKk1FHL7WDuMHo%2B40h%2BKGAuwjSOG%2Bu8y7Ef9mhxl3esAdXHzXm25TFOy%2BzQfuVidy%2FUebQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9feb9d4915d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.formatter.js Show response
partners-ca.recoveryoutcomes.com/assets/material/js/plugins/formatter/ 26 KB
8 KB 109ms
107ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/js/plugins/formatter/jquery.formatter.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c2f88e4fc42a8521de50ea14e370a65707c15e753e5a3d121752156069705be

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"679f-5d80ca7fde9f4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7I4tfYLevFsceQeSLFiQm6Vmbcn8m1rZs5mi6%2FOi9oEHcurS5vZ6v9IDesT0xL6n9w96b7JRURyX%2BHe5YLTnXMghoJ6Q99yqiw19Jcq0xmpfUYRhej5kkqztGzcBXNJ%2BqDqouZrSyOJ5As7mJhH9iZ88CU%2FwBDw0hrF1sLV5FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9feb9d4c15d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 header_logo_ca.png
partners-ca.recoveryoutcomes.com/theme/ 10 KB
10 KB 3429ms
3427ms Image
image/png 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners-ca.recoveryoutcomes.com/theme/header_logo_ca.png
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6463e38dac046f76074ead4a6dba0209d5e2a5bce17b07675f78f742da9f8ec

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:02 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "26c0-5d80ca7fef395"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WovIEC%2FSi9qxw9B102fki3sZxNcmyjar2exNC5zJyl3ox2Vmzv%2F0pLbVusPvUjhZ8eC%2FfdJJGzMfhFb2TDxrkN5LDl%2FC5vK9Y0dHza4WNL8y9q3th%2BdbzqK5OXMdLDXbdU4PL%2FV%2FroIMF6vikAxXCD66%2FHOLtPzplErkVI6gLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 795f9fed0f2b15d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9920

GET
H3 200 ca_account.png
partners-ca.recoveryoutcomes.com/theme/ 9 KB
10 KB 1395ms
1394ms Image
image/png 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners-ca.recoveryoutcomes.com/theme/ca_account.png
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b2c7bf6f549ae103c4e4578ae7be35ed16dde2d45bc5cc0f379f7b56d8856a89

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:00 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "24f8-5d80ca7fed454"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iKyf32LswzKEOBuIPMAsHJAdF10cUNSS8Dnp%2B0R%2FNwJ7B%2FTBOqEYXMWfJGXpM0nhGJmKJj0%2B%2BacNEgIomiC76m7mMo90mRXYJ8uywE9I8hedLZhwu4Ha4gbOMIIQOugqoMSyL1cbMi0j%2BRosPHTTh1mlpZYfz%2FxJCqHTPGoaIA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
accept-ranges: bytes
cf-ray: 795f9fed0f2c15d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9464

GET
H3 200 password-score.js Show response
partners-ca.recoveryoutcomes.com/assets/js/ 44 KB
8 KB 74ms
74ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/js/password-score.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b229fe1fdf5ee86bcdeaf1c58ab2187a496463cb590d89e23ae8264e3ae4377

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"ae2a-5d80ca7f29f4b-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csAd3%2BbNxS2TnwIA3ZKjAcZ9PUjZNOBhfOChNBg7rAvOizh29rGM8COj3FJJ04w5uvGUY4EFApJmZnPORU5Cm7L0EolkUh%2F35pravR1eaWZDdWS%2FfhxRmO9EicauEGUhgk38MpeYUn3a%2FWipbc29tLHmRPNblH%2BJafIdWlz9og%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9fecae9815d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 password-score-options.js Show response
partners-ca.recoveryoutcomes.com/assets/js/ 2 MB
954 KB 195ms
195ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/js/password-score-options.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48dfa823d1ec42b865c53f653d10707ead62b7d4c79e5a7ab800035e4568963e

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"20f670-5d80ca7f260ca-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q3upVn2Y4UXfjtAjcLfdDET14ommh2tf7A5uXPrW4awvke4sdMVKTGH3kvbxT3OAqwN2bZvuundGm7aUN9UoOyV8F%2FzNcBc67ZlPrb%2B52j4Pl%2F9QHROL9TV1tN8WMN8alfdvh98lbXWj3CjeZVNAHiydwUB30x6CQ6EaakIntg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9feceee815d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 bootstrap-strength-meter.js Show response
partners-ca.recoveryoutcomes.com/assets/js/ 9 KB
2 KB 2420ms
2419ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/js/bootstrap-strength-meter.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f10d2ebce710703e1acbea2f953bc95a4080a84b450dbcb1f52a3a81b6d11e09

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2287-5d80ca7f195aa-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TzU2sYYpExJNzx2Q%2FCOassLRDCy4dvpekNWy7%2Bp8UMmDSu5b4e6ykhr48LPRSSsVUvxDZd5jm5SrMFQrBW2PMHLyMXoFujGwOt8WGDoQYVN4GBREbGqc3Ya061QFSQV%2B8DBu%2BEKh7ux3kdoB5VvcUHy4%2BWh%2Fl9WFadSCB17Z%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9fed0f1e15d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.webui-popover.min.js Show response
partners-ca.recoveryoutcomes.com/assets/js/ 18 KB
6 KB 1406ms
1403ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/js/jquery.webui-popover.min.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c665098c0f8d844ecbf81cf298fd1022e6123b08908b9c2ead471941a4c0387d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"46e9-5d80ca7f260ca-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uGn0wfp2Gv346arLL3r4%2F7YxvC16rU%2FEaAnPliS%2BZzJy9EPRm%2FlO6VMmCg5EZuDLhod%2FU7yLaU1BuP0gWXudRKavoQ1GxqFHebbVFADVkbcfxfPC16GRh4cVYvUovqajjEcHrK8kibj9sALdBBJfnZypHqw9yCsuo8mE0%2Fminw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9fed0f2215d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.sparkline.min.js Show response
partners-ca.recoveryoutcomes.com/assets/material/js/plugins/sparkline/ 42 KB
14 KB 903ms
901ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/js/plugins/sparkline/jquery.sparkline.min.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e0242da172ab85985db3774c54ac1b53391a5b447857a100c5118b8281a543

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:00 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"a8ef-5d80ca7fc8293-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JaqEARyMe1CuRVso3G1SK5yypAYzPLjPRgXTuSM6QZ7zOuGFRaTJfiQjQtOVXK0IesLWcD528phGa8hrSiwu%2FnD0Hz9c45vUbLFfvQT%2BMdlxoJZC7JJbaVrosTxn5O7CV711DgfTy6U%2Brdy%2BTVBC0FBY15HiwCFD7B8HxwBCNw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9fed0f2415d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 sparkline-script.js Show response
partners-ca.recoveryoutcomes.com/assets/material/js/plugins/sparkline/ 5 KB
2 KB 75ms
73ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/js/plugins/sparkline/sparkline-script.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c1228abfbc672686fc5edcfe50c944013ae6e50ad9c69e3fe8aeb33d11c56abf

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"14e8-5d80ca7fc72f3-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UAjyerjoK9maRd9921hcqjTL7%2BrtHwcnbsE9XEv5FKh1GIAGdr4eCRDOK%2FM8p6ALsMeFw4k9oaPcrWDYulEeY4GQWyfkhE07NqVSR22e4qaWO3mo8QnT73OeSJd6mP4kdN3NGWvESFAPt3eCrMV64z4kgQ7y7eT7TbYC%2FrRAaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9fed0f2615d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 plugins.js Show response
partners-ca.recoveryoutcomes.com/assets/material/js/ 9 KB
3 KB 606ms
604ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/js/plugins.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63cf077da3ed63803358ecb2d227ef2d7047759bbddac70532039e3fc1883b2a

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:39:59 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"2322-5d80ca7fe47b4-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9uHN6shU55fneaYj4VHDGOdQlFuSaDuayfSnA3dfn107sOi0DQPEJlozS3WhF%2F%2F0zPaIoT%2Btd6ZRu9bnmcvDwT61CPik%2FHOoRc%2BPAJtSEzozpxZJoI6HYlp%2BYHQiqx7p5sKag7alM%2F6T6Su3AaH89UvJU7%2FTZZtpIL1%2BIznblw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9fed0f2715d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 custom-script.js Show response
partners-ca.recoveryoutcomes.com/assets/material/js/ 2 KB
1 KB 2421ms
2419ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/js/custom-script.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ee2436c29550d8f3007b84cd800cb88fc58bcbf6a71320e048617aede33e1fc

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Fri, 10 Jun 2022 04:19:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"620-5e1103e20e8ee-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nLoRXZ35UXXn3bn5QMiKKvofxH3opfT76DjE9wcABpy4p3tClMgLIFRwG236Ut019v6ISlK8UiAyuZNhcdKuPAL1X3ngN%2FrFXqW8trPzx5iW1KhME%2FzC6pUCN%2FPjmnVlSq66FWJvds2%2Bn0ZQPu46kPNLfeoLb8T2%2FGAqjQXFtw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9fed0f2815d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.rateyo.min.js Show response
partners-ca.recoveryoutcomes.com/assets/inspina/js/plugins/rateYo/ 9 KB
5 KB 2424ms
2422ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/inspina/js/plugins/rateYo/jquery.rateyo.min.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 79a263d26e135b59fbb305abd0f0cd8b079b3e54b16c5f756c8c7822d44d3db1

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 29 Mar 2022 05:05:30 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"23c5-5db5460c2f6fd-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9tulZKhXkjhU3meSEj3WjvqVmaKQXEES%2Fvfxp8bQf%2BXA%2Fv%2F%2BytAk4o3qv68QXjH7A96lOOmX%2FTdJmuIg%2BmI%2FF0pouQelW3bUNHGNxKalij7AJvAp7YRYr5wmpSic3jWBr%2Ffb%2FaP00EvCF8fS85y1MioxqKoxvtKb9%2BsZEMxL1w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9fed0f2915d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 linkPreview.js Show response
partners-ca.recoveryoutcomes.com/assets/js/ 23 KB
5 KB 2422ms
2420ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/js/linkPreview.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06e605f51e96e554d26bcf952a6acf34972ef57cefe62deb548918fa3851db50

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://partners-ca.recoveryoutcomes.com/account/auth/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:01 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:52 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5b58-5d80ca7f260ca-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zyyCtKIyf2Y43DVdu1XvgyVb%2FIrseGXaRa0kJKMthBi%2B5ITyhnwt8z4%2BU4bVumvR55mBT8JZ%2BjkMxmsf2HTeEqAj81sG9nvzVMFTDBVPlppW%2FZaPb%2BcB8OThYYrPUb1IIaHwE65xzrl8Qm3CJar9c0%2FnYQjgBi5Oc%2FecVNBGfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cf-ray: 795f9fed0f2a15d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7d50e740862d7daae81ae285675e99fe30e8101fb9a72e935615a9d044728287

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 Roboto-Regular.woff2
partners-ca.recoveryoutcomes.com/assets/material/font/roboto/ 48 KB
49 KB 3423ms
3422ms Font
application/octet-stream 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/assets/material/font/roboto/Roboto-Regular.woff2
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/assets/material/css/materialize.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0

Request headers

Referer: https://partners-ca.recoveryoutcomes.com/assets/material/css/materialize.css
Origin: https://partners-ca.recoveryoutcomes.com
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:02 GMT
cf-cache-status: MISS
last-modified: Tue, 15 Feb 2022 11:15:53 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "c054-5d80ca7feb514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xwdXrh1E3QnOWOkTIds1VvYx%2BiQF9PsPDN468wfcvmUQ5K4zXuwub6JPmI5EDJDkSUaxxqK2V0WH50v1vDeM3oilVQl3qHO3F3IyqEuD%2FVgGj3lKEDi%2BmnGyuR6CnrurZk%2BjjHpzcKmxfJyYiueW4aokousGvQDVgFByf72%2Bbg%3D%3D"}],"group":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 795f9fed1f3f15d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49236

GET
H3 200 invisible.js Show response
partners-ca.recoveryoutcomes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 4E9D 32 KB
14 KB 31ms
31ms Script
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675800000
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ca2ef981d70dce9d728b17a1e564232b346b23c7b3e3d0648fd97ee673f3c23e

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:01 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vGuCl1b%2BzMBxAMs46Ky1ZFPunFEZ8MDdFWPD1rF0g7QvS3g8NfcyO41Ub080PWBm1UYtKrzSkqkNQzloQpXlLPO5LDKWonYtVHw6%2BE2NSGT6Vx4qAZxZI%2BSIw%2BKmkYqTSb1BJFsexFwM43DaD1FGbyQ%2FnhHiqpnjIPhvH1WoXA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 795f9ffc6d0515d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 pica.js
partners-ca.recoveryoutcomes.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 4E9D 22 KB
9 KB 33ms
32ms Other
application/javascript 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/account/auth/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8b452c28173914247baa724232ddc32b82cc8ba42b76534811b304ff67ccb275

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 07 Feb 2023 22:40:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ebRF0EoYgzDCYWpq0V7hoITjRoDDwWKvarnlsVih4vVG%2B1WDECMWjtrU2fmuuBBpBC6MQzpnRAs8gSy2%2FaqIaMAijCgObqOBdPlS4vrIRkFt9VQyIitETkhOK9RT7qdWoWqmKHDsEnv9oP77X%2B4OAWFnoh5TSQjV55a0fl0bWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 795f9ffcad6715d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 795f9feb0c7015d7 Show response
partners-ca.recoveryoutcomes.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 4E9D 2 B
696 B 55ms
54ms XHR
text/plain 2606:4700:3033::6815:4889
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://partners-ca.recoveryoutcomes.com/cdn-cgi/challenge-platform/h/g/cv/result/795f9feb0c7015d7
Requested by: Host: partners-ca.recoveryoutcomes.com
URL: https://partners-ca.recoveryoutcomes.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1675800000
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3033::6815:4889 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 07 Feb 2023 22:40:02 GMT
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StwCA0P%2BPeUSf%2BADAYiNfStZXY%2Fvpd4dEGvc1%2FbLA4ouUhb3WH2unI0NHEpe4HwHrdQLwt5Ugnw7LKp9rQsokdczmfLScJ9MPRa81dmmo%2FzRKLKYNtVZ7Uf2YWth3cmTqvvgGqhSOEstsridaePc0uievv4iQjJaM7AI1s9MVg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=UTF-8
cf-ray: 795fa000baa515d7-EWR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

Verdicts & Comments Add Verdict or Comment

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| oncontentvisibilityautostatechange string| env_name string| instance string| ga_enabled string| ga_id undefined| script undefined| gtag object| ROI function| $ function| jQuery function| _createClass function| _classCallCheck function| getTime function| Vel function| Hammer object| Materialize object| Waves function| Keyboard function| Score object| WebuiPopovers function| RateYo function| validate_field number| $index undefined| $string

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			partners-ca.recoveryoutcomes.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: nerephrv1tbe2mspmu4onv6rrk
			partners-ca.recoveryoutcomes.com/	1969-12-31 23:59:59	Name: login_redirect Value: %2Faccount%2Fhome%2F
			.recoveryoutcomes.com/	1970-01-20 09:30:11	Name: __cf_bm Value: b7.gF4NkRGqzKhMVyDIybD7G76RHFkUsPYcfnKVy4rs-1675809602-0-AQrpmuiW/JM9YYAM0nyN+W/BgTNgpj1jr4vtNaHXNlOw4lC4tC7G7G1kzYG2TZdY/cYAJk59ERjJWk04ZfhaW/wMB151vDhzCB2G1K8P0l8px9tWkBFyXaN0uz3EOQiTpMAxGh5t5Atips1iEdnQZ0c=

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
partners-ca.recoveryoutcomes.com
2606:4700:3033::6815:4889
2607:f8b0:4006:821::200a
06e0242da172ab85985db3774c54ac1b53391a5b447857a100c5118b8281a543
06e605f51e96e554d26bcf952a6acf34972ef57cefe62deb548918fa3851db50
092f4cc3f2d5b0347b1a582479be1d500d70f4d75f61290b9df3d0fc7ffb5df2
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2c906abe8e860ee1495710a52c44432ca82af853ee6dcd74cd2948b4245f9d9f
3a5f25e9c40e385a62e7a91c60f0c955cc4cebce7370874aa6ceadb754e51a61
48dfa823d1ec42b865c53f653d10707ead62b7d4c79e5a7ab800035e4568963e
4ee2436c29550d8f3007b84cd800cb88fc58bcbf6a71320e048617aede33e1fc
5dcc1f650548dab92380f10aee2a8c4c878ece063b5d4201c1205b3a343f9a8b
63cf077da3ed63803358ecb2d227ef2d7047759bbddac70532039e3fc1883b2a
6c2f88e4fc42a8521de50ea14e370a65707c15e753e5a3d121752156069705be
79a263d26e135b59fbb305abd0f0cd8b079b3e54b16c5f756c8c7822d44d3db1
7b229fe1fdf5ee86bcdeaf1c58ab2187a496463cb590d89e23ae8264e3ae4377
7d50e740862d7daae81ae285675e99fe30e8101fb9a72e935615a9d044728287
80aa5497ff31b2c001474d9432f0853c11d200a67ea4f9852ab2f7ee2fedd9c2
8b452c28173914247baa724232ddc32b82cc8ba42b76534811b304ff67ccb275
a63e4dffafdd7c1ec660e9736ca35241308d6f1d7755d1b6989898bdff4c039b
b2c7bf6f549ae103c4e4578ae7be35ed16dde2d45bc5cc0f379f7b56d8856a89
b4e3205dd9fdf4dd18292d8f2419f303cb8ac316bce0134fb081e44e1fd9a262
b5c9c23bd12593523a46d79dd0aee80e3226bbde4c9ac05fc30a95e2c1510de0
c1228abfbc672686fc5edcfe50c944013ae6e50ad9c69e3fe8aeb33d11c56abf
c6463e38dac046f76074ead4a6dba0209d5e2a5bce17b07675f78f742da9f8ec
c665098c0f8d844ecbf81cf298fd1022e6123b08908b9c2ead471941a4c0387d
ca2ef981d70dce9d728b17a1e564232b346b23c7b3e3d0648fd97ee673f3c23e
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
f10d2ebce710703e1acbea2f953bc95a4080a84b450dbcb1f52a3a81b6d11e09
faa718cf215101a5fbd4d79ebe63bb7aed1d46c923f7b2565a4e7a7b92cc4b38