urlscan.io logo urlscan.io
SecurityTrails logo

recognizeinvestmentfraud.com Open in urlscan Pro
206.220.192.125  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://recognizeinvestmentfraud.com/
Effective URL: https://recognizeinvestmentfraud.com/
Submission: On May 15 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 2 countries across 7 domains to perform 32 HTTP transactions. The main IP is 206.220.192.125, located in Winnipeg, Canada and belongs to VOINETWORKS, CA. The main domain is recognizeinvestmentfraud.com.
TLS certificate: Issued by Starfield Secure Certificate Authorit... on July 24th 2023. Valid for: a year.
This is the only time recognizeinvestmentfraud.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
18 206.220.192.125 14866 (VOINETWORKS)
1 13.249.39.77 16509 (AMAZON-02)
1 52.216.214.16 16509 (AMAZON-02)
2 142.251.111.97 15169 (GOOGLE)
1 172.253.62.136 15169 (GOOGLE)
5 216.239.32.178 15169 (GOOGLE)
2 64.233.180.136 15169 (GOOGLE)
1 142.251.16.97 15169 (GOOGLE)
32 9
18    206.220.192.125 (Winnipeg, Canada)

ASN14866 (VOINETWORKS, CA)
PTR: client125.patternhosting.com
recognizeinvestmentfraud.com
1    13.249.39.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-249-39-77.iad89.r.cloudfront.net
cdn-images.mailchimp.com
1    52.216.214.16 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
2    142.251.111.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bk-in-f97.1e100.net
www.googletagmanager.com
1    172.253.62.136 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f136.1e100.net
www.youtube.com
5    216.239.32.178 (United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    64.233.180.136 (United States)

ASN15169 (GOOGLE, US)
PTR: pe-in-f136.1e100.net
www.youtube.com
1    142.251.16.97 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f97.1e100.net
ssl.google-analytics.com
Apex Domain
Subdomains		 Transfer
18 recognizeinvestmentfraud.com
recognizeinvestmentfraud.com
154 KB
6 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 32
ssl.google-analytics.com — Cisco Umbrella Rank: 654
38 KB
3 youtube.com
www.youtube.com — Cisco Umbrella Rank: 64
16 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
172 KB
1 amazonaws.com
s3.amazonaws.com
140 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 6052
2 KB
0 googleapis.com Failed
fonts.googleapis.com Failed
32 7
Domain Requested by
18 recognizeinvestmentfraud.com recognizeinvestmentfraud.com
5 www.google-analytics.com recognizeinvestmentfraud.com
www.googletagmanager.com
www.google-analytics.com
3 www.youtube.com recognizeinvestmentfraud.com
www.googletagmanager.com
www.youtube.com
2 www.googletagmanager.com recognizeinvestmentfraud.com
www.google-analytics.com
1 ssl.google-analytics.com recognizeinvestmentfraud.com
1 s3.amazonaws.com recognizeinvestmentfraud.com
1 cdn-images.mailchimp.com recognizeinvestmentfraud.com
0 fonts.googleapis.com Failed recognizeinvestmentfraud.com
32 8
Subject Issuer Validity Valid
recognizeinvestmentfraud.com
Starfield Secure Certificate Authority - G2		 2023-07-24 -
2024-08-24		 a year crt.sh
cdn-images.mailchimp.com
Amazon RSA 2048 M02		 2023-06-20 -
2024-07-17		 a year crt.sh
s3.amazonaws.com
Amazon RSA 2048 M01		 2024-02-08 -
2025-01-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-04-16 -
2024-07-09		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://recognizeinvestmentfraud.com/
Frame ID: F840347174E1661F927A69B1C85CCA7F
Requests: 31 HTTP requests in this frame

Frame: https://www.youtube.com/embed/WsnmzpH_Er8?autoplay=0&fs=0&iv_load_policy=3&showinfo=1&rel=0&cc_load_policy=0&start=0&end=0&enablejsapi=1&origin=https://recognizeinvestmentfraud.com
Frame ID: B2CE1B6A15F2D7664CD64D90214F876B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

MSC Fraud Prevention | Manitoba Securities Commission

Page URL History Show full URLs

  1. http://recognizeinvestmentfraud.com/ HTTP 307
    https://recognizeinvestmentfraud.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • <form [^>]*id="mc-embedded-subscribe-form"
  • <form [^>]*name="mc-embedded-subscribe-form"
  • <!-- Begin MailChimp Signup Form -->
  • s3\.amazonaws\.com/downloads\.mailchimp\.com/js/mc-validate\.js
  • cdn-images\.mailchimp\.com/[^>]*\.css
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

9
IPs

2
Countries

522 kB
Transfer

1223 kB
Size

16
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://recognizeinvestmentfraud.com/ HTTP 307
    https://recognizeinvestmentfraud.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
recognizeinvestmentfraud.com/
Redirect Chain
  • http://recognizeinvestmentfraud.com/
  • https://recognizeinvestmentfraud.com/
20 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache / PHP/5.4.45-0+deb7u11
Resource Hash
70682c96cfd992b497e0c6647b95639c11d2b29a70c170f007e752448d0bfeba

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
6045
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 May 2024 15:55:46 GMT
Expires
Mon, 26 Jul 1997 05:00:00 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Wed, 15 May 2024 15:55:46 GMT
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
X-Powered-By
PHP/5.4.45-0+deb7u11
X-UA-Compatible
IE=edge

Redirect headers

Location
https://recognizeinvestmentfraud.com/
Non-Authoritative-Reason
HttpsUpgrades
main.css
recognizeinvestmentfraud.com/css/ 		79 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/css/main.css
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
3ef484e7a2e4f753c6e4c7b31f431f442d0daeab27ad7529ed86183aa2d623ec

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 13 Sep 2022 21:14:13 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
12660
X-UA-Compatible
IE=edge
modernizr-2.6.2.dev.js
recognizeinvestmentfraud.com/js/libs/modernizr/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/js/libs/modernizr/modernizr-2.6.2.dev.js
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
7bc290463b7a769d99208ece37726107ef23a801ad75ec5ebdd2b7a2a5942be4

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2013 19:02:19 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
7958
X-UA-Compatible
IE=edge
jquery-1.8.2.js
recognizeinvestmentfraud.com/js/ 		259 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/js/jquery-1.8.2.js
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
34ce507c234b931fb3ceaa0d0e3f1059500ff66c1b009f46c4413a9e59c8a97e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2013 19:02:20 GMT
Server
Apache
Vary
Accept-Encoding
Transfer-Encoding
chunked
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
X-UA-Compatible
IE=edge
msc-logo.png
recognizeinvestmentfraud.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recognizeinvestmentfraud.com/images/msc-logo.png
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
c334355f65d93498eb072aad174c107c6f0adfbe231f1c84140c867ad263404d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Last-Modified
Tue, 07 May 2013 19:01:51 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2110
X-UA-Compatible
IE=edge
wpg_police.png
recognizeinvestmentfraud.com/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recognizeinvestmentfraud.com/images/wpg_police.png
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
73d43513921720544598cc014aa8287c153e4b4adf3c9b505531d44002c2f160

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Last-Modified
Wed, 04 Sep 2013 14:28:57 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8675
X-UA-Compatible
IE=edge
icon-flag.png
recognizeinvestmentfraud.com/css/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recognizeinvestmentfraud.com/css/img/icon-flag.png
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
f8fc61692629ec20a7b16c580f418b462d958b9f1cd46d37d511b827f59e7e1d

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Last-Modified
Tue, 07 May 2013 19:01:47 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2914
X-UA-Compatible
IE=edge
icon-document.png
recognizeinvestmentfraud.com/css/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recognizeinvestmentfraud.com/css/img/icon-document.png
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
8cde66563ef4aa9c47cb224cebd62000208f0b8ce4ae2942dd85f1f3f07631b0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Last-Modified
Tue, 07 May 2013 19:01:47 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
2995
X-UA-Compatible
IE=edge
icon-mail.png
recognizeinvestmentfraud.com/css/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recognizeinvestmentfraud.com/css/img/icon-mail.png
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
7c503ad35ffd9fe639ffee8de2a9aedeeb9de140ca7ce71636d664098657eba8

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Last-Modified
Tue, 07 May 2013 19:01:47 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3426
X-UA-Compatible
IE=edge
classic-10_7.css
cdn-images.mailchimp.com/embedcode/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-10_7.css
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.249.39.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-249-39-77.iad89.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-amz-version-id
null
content-encoding
gzip
via
1.1 f9efe5e72b7e5cc47bf34a0b0debcbe2.cloudfront.net (CloudFront)
date
Wed, 15 May 2024 14:30:00 GMT
last-modified
Thu, 17 Dec 2015 16:52:30 GMT
server
AmazonS3
x-amz-cf-pop
IAD89-C1
age
5147
etag
W/"ae0fc9b84c30cada1784022044962394"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
vT5odM_tMH5-j7ZBE4TJ-wfUV2-p7C1gLcvTu_8AvzTaAXcRyZPnQQ==
mc-validate.js
s3.amazonaws.com/downloads.mailchimp.com/js/ 		140 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/downloads.mailchimp.com/js/mc-validate.js
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.216.214.16 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:47 GMT
Last-Modified
Mon, 20 Aug 2018 17:42:38 GMT
Server
AmazonS3
x-amz-request-id
CJ877CN4YH9RCK2N
ETag
"6465dd4a8331265e6629cd069e03504c"
Content-Type
application/javascript
Cache-Control
public,max-age=2592000
Accept-Ranges
bytes
Content-Length
143249
x-amz-id-2
eD03RuIJKl7Kn1W2wAX2miooj8eeUGPWNjl9ohfslNePUG1eFWlUIrxJsZTa6DRI+f1+UHrUFE4=
msc-logo-footer.png
recognizeinvestmentfraud.com/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recognizeinvestmentfraud.com/images/msc-logo-footer.png
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
9e216e0d299a7cf582c0eb604b061849102ac7df1dc222cc36360afb3b5c97bc

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Last-Modified
Tue, 07 May 2013 19:01:51 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2653
X-UA-Compatible
IE=edge
jquery.easing.1.3.js
recognizeinvestmentfraud.com/js/ 		8 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/js/jquery.easing.1.3.js
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2013 19:02:17 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1991
X-UA-Compatible
IE=edge
jquery.PanelCarousel-1.0.0.js
recognizeinvestmentfraud.com/js/ 		12 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/js/jquery.PanelCarousel-1.0.0.js
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
a4d2104e6a49f9217f180289705b2daaf5feb746b225f9e50b9c444465e580ee

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2013 19:02:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3018
X-UA-Compatible
IE=edge
thinkshift.js
recognizeinvestmentfraud.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/js/thinkshift.js
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
f95a0747c3f2a848b7ce27bdce4a420e9a546633f6571503d2a8a91eed09745e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Content-Encoding
gzip
Last-Modified
Wed, 29 Jul 2015 22:04:36 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
2607
X-UA-Compatible
IE=edge
retina.js
recognizeinvestmentfraud.com/js/ 		1 KB
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/js/retina.js
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
4b75d94f66a12f86bb0c238861680cc589c4463ba29be6889ed6dbeb5594aa19

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2013 19:02:16 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
691
X-UA-Compatible
IE=edge
css
fonts.googleapis.com/ 		0
0
gtm.js
www.googletagmanager.com/ 		220 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WLQV57D
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
6ea4b4ca1070f41a21081994efaa906ee34206aeb5ac8f29de11e299d9b34429
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:55:46 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
80278
x-xss-protection
0
last-modified
Wed, 15 May 2024 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 15 May 2024 15:55:46 GMT
WsnmzpH_Er8
www.youtube.com/embed/ Frame B2CE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/WsnmzpH_Er8?autoplay=0&fs=0&iv_load_policy=3&showinfo=1&rel=0&cc_load_policy=0&start=0&end=0&enablejsapi=1&origin=https://recognizeinvestmentfraud.com
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f136.1e100.net
Software
ESF /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-CA,en;q=0.9;q=0.9
Referer
https://recognizeinvestmentfraud.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-p88yUKypRqghVSgudRIkWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
content-type
text/html; charset=utf-8
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
cross-origin-resource-policy
cross-origin
date
Wed, 15 May 2024 15:55:47 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options
nosniff
x-xss-protection
0
texture.png
recognizeinvestmentfraud.com/css/img/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recognizeinvestmentfraud.com/css/img/texture.png
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
8bf480a36e4adb02a45dbbade01b3f4ece62c6b4ae0416866376e4501abc9122

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/css/main.css
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Last-Modified
Tue, 07 May 2013 19:01:48 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
9689
X-UA-Compatible
IE=edge
grey-lines.png
recognizeinvestmentfraud.com/css/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://recognizeinvestmentfraud.com/css/img/grey-lines.png
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
2117a60ac19ad4dcb60250dc12e102a0e8d50683e32536f1e227f72f7551d443

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/css/main.css
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Last-Modified
Tue, 07 May 2013 19:01:47 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1810
X-UA-Compatible
IE=edge
fonticons.woff
recognizeinvestmentfraud.com/css/fonts/icons/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/css/fonts/icons/fonticons.woff
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/css/main.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
9066ec5f0c13d0bc2253ba8746f82e5b4d5fdf0ff212b4a1c55af6aadb0b62c1

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/css/main.css
Origin
https://recognizeinvestmentfraud.com
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:46 GMT
Last-Modified
Tue, 07 May 2013 19:01:50 GMT
Server
Apache
Content-Type
application/x-font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3236
X-UA-Compatible
IE=edge
ga.js
www.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/ga.js
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 May 2024 15:50:56 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
291
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Wed, 15 May 2024 17:50:56 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLQV57D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 May 2024 15:38:27 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
1040
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 15 May 2024 17:38:27 GMT
iframe_api
www.youtube.com/ 		993 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/iframe_api
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WLQV57D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f136.1e100.net
Software
ESF /
Resource Hash
21611496da46783ac76e2a0dbc39bfab73f4aad4e97cc29b78bf57a7d934217c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:55:47 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
content-encoding
br
content-security-policy-report-only
base-uri 'self';default-src 'self' https: blob:;font-src https: data:;img-src https: data: android-webview-video-poster:;media-src blob: https:;object-src 'none';report-uri /cspreport/common;script-src 'report-sample' 'nonce-LvZKDfeqXUIzQqEfX5AAZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';style-src https: 'unsafe-inline'
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
content-type
text/javascript; charset=utf-8
vary
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cache-control
private, max-age=0
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
origin-trial
AmhMBR6zCLzDDxpW+HfpP67BqwIknWnyMOXOQGfzYswFmJe+fgaI6XZgAzcxOrzNtP7hEDsOo1jdjFnVr2IdxQ4AAAB4eyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTc1ODA2NzE5OSwiaXNTdWJkb21haW4iOnRydWV9
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
expires
Wed, 15 May 2024 15:55:47 GMT
collect
www.google-analytics.com/j/ 		15 B
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=942966410&t=pageview&_s=1&dl=https%3A%2F%2Frecognizeinvestmentfraud.com%2F&ul=en-ca&de=UTF-8&dt=MSC%20Fraud%20Prevention%20%7C%20Manitoba%20Securities%20Commission&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=315343471&gjid=918333496&cid=1799934250.1715788547&tid=UA-40616794-1&_gid=394394026.1715788547&_r=1&_slc=1&gtm=45He45d0n81WLQV57Dza200&gcd=13l3l3l3l1&dma=0&z=551323426
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
ea8fea85a4b9aa676aca358dea3bbb23c8ef3cc314f423b4da8dd3b07f9ce130
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 May 2024 15:55:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://recognizeinvestmentfraud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
__utm.gif
ssl.google-analytics.com/r/ 		35 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1988244157&utmhn=recognizeinvestmentfraud.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-ca&utmje=0&utmfl=-&utmdt=MSC%20Fraud%20Prevention%20%7C%20Manitoba%20Securities%20Commission&utmhid=942966410&utmr=-&utmp=%2F&utmht=1715788547227&utmac=UA-40616794-1&utmcc=__utma%3D246820487.1799934250.1715788547.1715788547.1715788547.1%3B%2B__utmz%3D246820487.1715788547.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1262473304&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~
Requested by
Host: recognizeinvestmentfraud.com
URL: https://recognizeinvestmentfraud.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f97.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 15:55:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
www-widgetapi.js
www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/db9cbc4e/www-widgetapi.vflset/www-widgetapi.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/iframe_api
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
64.233.180.136 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
pe-in-f136.1e100.net
Software
sffe /
Resource Hash
3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:23:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
1949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13973
x-xss-protection
0
last-modified
Mon, 13 May 2024 04:15:10 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Thu, 15 May 2025 15:23:18 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9B1MQV3EWD&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.111.97 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
bk-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
3d4ca56285224329c7e634effdd58c79eb9ac30f95766db24c6622b03efaa9c6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 15 May 2024 15:55:47 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
94919
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 May 2024 15:55:47 GMT
collect
www.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-9B1MQV3EWD&gtm=45je45d0v9126176186za200&_p=1715788546871&gcd=13l3l3l3l2&npa=0&dma=0&ul=en-ca&sr=1600x1200&cid=1799934250.1715788547&uaa=x86&uab=64&uafvl=Chromium%3B124.0.6367.201%7CGoogle%2520Chrome%3B124.0.6367.201%7CNot-A.Brand%3B99.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&frm=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Frecognizeinvestmentfraud.com%2F&dt=MSC%20Fraud%20Prevention%20%7C%20Manitoba%20Securities%20Commission&sid=1715788547&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=1484
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9B1MQV3EWD&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 15:55:47 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://recognizeinvestmentfraud.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=942966410&t=event&ni=0&_s=1&dl=https%3A%2F%2Frecognizeinvestmentfraud.com%2F&ul=en-ca&de=UTF-8&dt=MSC%20Fraud%20Prevention%20%7C%20Manitoba%20Securities%20Commission&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Depth&ea=25&el=%2F&_utma=246820487.1799934250.1715788547.1715788547.1715788547.1&_utmz=246820487.1715788547.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1715788547739&_u=aEDCAEABAAAAACAAI~&jid=&gjid=&cid=1799934250.1715788547&tid=UA-40616794-1&_gid=394394026.1715788547&gtm=45He45d0n81WLQV57Dza200&gcd=13l3l3l3l1&dma=0&z=1283029675
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.239.32.178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 15 May 2024 02:37:38 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
47889
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
favicon.ico
recognizeinvestmentfraud.com/ 		1 KB
1 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://recognizeinvestmentfraud.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
206.220.192.125 Winnipeg, Canada, ASN14866 (VOINETWORKS, CA),
Reverse DNS
client125.patternhosting.com
Software
Apache /
Resource Hash
0c2b72526ab7fa952e0641699a4baf6d5346af5cc7e89fc81dee8c59d109d9d0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://recognizeinvestmentfraud.com/
Accept-Language
en-CA,en;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 15 May 2024 15:55:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 07 May 2013 19:01:35 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
image/x-icon
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
853
X-UA-Compatible
IE=edge

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
http://fonts.googleapis.com/css?family=Roboto+Condensed:700italic,400,700

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| html5 object| Modernizr function| yepnope function| $ function| jQuery object| dataLayer function| require_one_sub_interest object| mc function| $mcj object| fnames object| ftypes function| setupFormValidation function| setRiskLevel function| createCarousels function| applyAccordion function| setupQuiz function| nextQuestion function| resizeElements function| setupReportForm function| setupMobileSubMenu function| trackPhoneClicks function| trackAlertDownloads function| trackResources function| setupNameFields function| setUpMSCSearch function| setUpEmailClicks number| currentQuestion number| totalQuestions number| questionDistance object| questionContainer object| jQuery1820324832624606735 function| RetinaImagePath function| RetinaImage object| _gaq object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaplugins object| gaGlobal object| gaData object| _gat object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter

16 Cookies

Domain/Path Name / Value
recognizeinvestmentfraud.com/ Name: exp_last_visit
Value: 1400428546
recognizeinvestmentfraud.com/ Name: exp_last_activity
Value: 1715788546
recognizeinvestmentfraud.com/ Name: exp_tracker
Value: a%3A1%3A%7Bi%3A0%3Bs%3A5%3A%22index%22%3B%7D
recognizeinvestmentfraud.com/ Name: PHPSESSID
Value: 28r3ijgniuqfk1e9dt0dqqsro0
.youtube.com/ Name: YSC
Value: iNvOfADVhW4
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: OuER6UWsoUI
.youtube.com/ Name: VISITOR_PRIVACY_METADATA
Value: CgJDQRIEGgAgPQ%3D%3D
.recognizeinvestmentfraud.com/ Name: _ga
Value: GA1.2.1799934250.1715788547
.recognizeinvestmentfraud.com/ Name: _gid
Value: GA1.2.394394026.1715788547
.recognizeinvestmentfraud.com/ Name: _gat_UA-40616794-1
Value: 1
.recognizeinvestmentfraud.com/ Name: __utma
Value: 246820487.1799934250.1715788547.1715788547.1715788547.1
.recognizeinvestmentfraud.com/ Name: __utmc
Value: 246820487
.recognizeinvestmentfraud.com/ Name: __utmz
Value: 246820487.1715788547.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.recognizeinvestmentfraud.com/ Name: __utmt
Value: 1
.recognizeinvestmentfraud.com/ Name: __utmb
Value: 246820487.1.10.1715788547
.recognizeinvestmentfraud.com/ Name: _ga_9B1MQV3EWD
Value: GS1.2.1715788547.1.0.1715788547.0.0.0

1 Console Messages

Source Level URL
Text
security error URL: https://recognizeinvestmentfraud.com/(Line 17)
Message:
Mixed Content: The page at 'https://recognizeinvestmentfraud.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://fonts.googleapis.com/css?family=Roboto+Condensed:700italic,400,700'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-images.mailchimp.com
fonts.googleapis.com
recognizeinvestmentfraud.com
s3.amazonaws.com
ssl.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
www.youtube.com
fonts.googleapis.com
13.249.39.77
142.251.111.97
142.251.16.97
172.253.62.136
206.220.192.125
216.239.32.178
52.216.214.16
64.233.180.136
0c2b72526ab7fa952e0641699a4baf6d5346af5cc7e89fc81dee8c59d109d9d0
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2117a60ac19ad4dcb60250dc12e102a0e8d50683e32536f1e227f72f7551d443
21611496da46783ac76e2a0dbc39bfab73f4aad4e97cc29b78bf57a7d934217c
3074d74b47a1fae140faeb7eadb8af0a6634f8262bf2436541d21243389d022d
34ce507c234b931fb3ceaa0d0e3f1059500ff66c1b009f46c4413a9e59c8a97e
3d4ca56285224329c7e634effdd58c79eb9ac30f95766db24c6622b03efaa9c6
3ef484e7a2e4f753c6e4c7b31f431f442d0daeab27ad7529ed86183aa2d623ec
4b75d94f66a12f86bb0c238861680cc589c4463ba29be6889ed6dbeb5594aa19
613b1a7b4e9e279b4bcceed16041478402a795ac76653535589480190b3aa1c0
6ea4b4ca1070f41a21081994efaa906ee34206aeb5ac8f29de11e299d9b34429
70682c96cfd992b497e0c6647b95639c11d2b29a70c170f007e752448d0bfeba
73d43513921720544598cc014aa8287c153e4b4adf3c9b505531d44002c2f160
7bc290463b7a769d99208ece37726107ef23a801ad75ec5ebdd2b7a2a5942be4
7c503ad35ffd9fe639ffee8de2a9aedeeb9de140ca7ce71636d664098657eba8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8bf480a36e4adb02a45dbbade01b3f4ece62c6b4ae0416866376e4501abc9122
8cde66563ef4aa9c47cb224cebd62000208f0b8ce4ae2942dd85f1f3f07631b0
9066ec5f0c13d0bc2253ba8746f82e5b4d5fdf0ff212b4a1c55af6aadb0b62c1
9e216e0d299a7cf582c0eb604b061849102ac7df1dc222cc36360afb3b5c97bc
a4d2104e6a49f9217f180289705b2daaf5feb746b225f9e50b9c444465e580ee
b15aceb04dbf5604df5617cfe984f48479cb131c1df02825d1c24e9f35d01857
c334355f65d93498eb072aad174c107c6f0adfbe231f1c84140c867ad263404d
cda4b38b39e069aa2813486847385336d428d24a0c67734594116100328774e7
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea8fea85a4b9aa676aca358dea3bbb23c8ef3cc314f423b4da8dd3b07f9ce130
f8fc61692629ec20a7b16c580f418b462d958b9f1cd46d37d511b827f59e7e1d
f95a0747c3f2a848b7ce27bdce4a420e9a546633f6571503d2a8a91eed09745e