URL: https://alchemy.staging.cibcomms.co.uk/
Submission: On February 10 via automatic, source certstream-suspicious — Scanned from GB

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 23 HTTP transactions. The main IP is 138.68.133.172, located in London, United Kingdom and belongs to DIGITALOCEAN-ASN, US. The main domain is alchemy.staging.cibcomms.co.uk.
TLS certificate: Issued by R3 on November 8th 2022. Valid for: 3 months.
This is the only time alchemy.staging.cibcomms.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
12 138.68.133.172 14061 (DIGITALOC...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
23 7
Apex Domain
Subdomains
Transfer
12 cibcomms.co.uk
alchemy.staging.cibcomms.co.uk
910 KB
4 ctrlstn.com
ctrlstn.com
47 KB
2 gstatic.com
fonts.gstatic.com
91 KB
2 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 360
26 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
28 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 746
7 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
1 KB
23 7
Domain Requested by
12 alchemy.staging.cibcomms.co.uk alchemy.staging.cibcomms.co.uk
4 ctrlstn.com alchemy.staging.cibcomms.co.uk
ctrlstn.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdn.jsdelivr.net alchemy.staging.cibcomms.co.uk
1 cdnjs.cloudflare.com alchemy.staging.cibcomms.co.uk
1 maxcdn.bootstrapcdn.com alchemy.staging.cibcomms.co.uk
1 fonts.googleapis.com alchemy.staging.cibcomms.co.uk
23 7

This site contains links to these domains. Also see Links.

Domain
alchemy-ingredients.com
Subject Issuer Validity Valid
www.alchemy-ingredients.com
R3
2022-11-08 -
2023-02-06
3 months crt.sh
upload.video.google.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3
2022-06-02 -
2023-06-01
a year crt.sh
*.gstatic.com
GTS CA 1C3
2023-01-31 -
2023-04-25
3 months crt.sh

This page contains 1 frames:

Primary Page: https://alchemy.staging.cibcomms.co.uk/
Frame ID: DFE8EAA24ED464C0BCD059F732834A1F
Requests: 23 HTTP requests in this frame

Screenshot

Page Title

[devMode] Functional Cosmetic Ingredients - Alchemy Ingredients

Detected technologies

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 10%
Detected patterns
  • basket.*\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

23
Requests

48 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

1111 kB
Transfer

2159 kB
Size

7
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
alchemy.staging.cibcomms.co.uk/
719 KB
14 KB
Document
General
Full URL
https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx / Craft CMS
Resource Hash
f2093ab2f670f61d03df80252add802d4fdc564f6ff4deb7e3c5b34d6f8f4d65

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
en-GB,en;q=0.9

Response headers

cache-control
no-store, no-cache, must-revalidate
charset
utf-8
content-encoding
br
content-type
text/html; charset=utf-8
date
Fri, 10 Feb 2023 03:08:36 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
pragma
no-cache
server
nginx
vary
Accept-Encoding
x-powered-by
Craft CMS
css2
fonts.googleapis.com/
17 KB
1 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3c92f794c2a5cc38bd8cfb0ab055930574bec667902df7aa209fd39df6138f50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 01:57:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Feb 2023 03:08:36 GMT
jquery.fancybox.min.css
cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.5.6/dist/
12 KB
4 KB
Stylesheet
General
Full URL
https://cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.5.6/dist/jquery.fancybox.min.css
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
12382064
x-jsd-version
3.5.6
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19146-FRA, cache-itm18823-ITM
x-jsd-version-type
version
server
cloudflare
etag
W/"31fb-G+m3m+AqHPxdlsSl4P649HK6vZU"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YxZ20j1BhBk9oTglfF9OD1FzuA%2BiTKVUBXy54%2Bm4nYb2ufD2AMdxNlcDwuVw930NpyCW7Oee0mM4x9%2FghSC4VBOosmcoI0Gfc%2F8Z%2Fpk3%2F83HmM9bb49mPj%2Fe5pgPt4aHwvFJ0kK2IX6JzYia250%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7971a42869d188a3-LHR
styles.min.css
alchemy.staging.cibcomms.co.uk/assets/css/
102 KB
14 KB
Stylesheet
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/css/styles.min.css
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
a6c616619891f86e73c32a598672a7689fb294deed32dc306e0aad8dfeadcc93

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
br
last-modified
Tue, 05 Oct 2021 10:58:30 GMT
server
nginx
etag
W/"19652-5cd98e8f9f311"
vary
Accept-Encoding
content-type
text/css
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/
28 KB
7 KB
Stylesheet
General
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.6.0/css/font-awesome.min.css
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
947
age
2450616
cdn-cachedat
07/18/2022 07:28:15
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"963f38577cc1586d78e83a4acdf39723"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
c918cf9be4b81bb045b5b5900f73b624
timing-allow-origin
*
cdn-requestcountrycode
FR
cdn-status
200
cf-ray
7971a428683824ba-LHR
cdn-requestpullsuccess
True
burger.svg
alchemy.staging.cibcomms.co.uk/assets/img/
918 B
550 B
Image
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/img/burger.svg
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
56e46aefe8b2b41877c4cf7ee22d447f095df695f0507a5e0c545d8f3d462efb

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 15:16:44 GMT
server
nginx
etag
W/"396-5c00459e9e0bd"
vary
Accept-Encoding
content-type
image/svg+xml
basket.svg
alchemy.staging.cibcomms.co.uk/assets/img/
448 B
400 B
Image
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/img/basket.svg
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8fff79a374d7b8085d62150bda6841c268e3cf4fe85a72469a2098f8d718e47a

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 15:16:44 GMT
server
nginx
etag
W/"1c0-5c00459e934dd"
vary
Accept-Encoding
content-type
image/svg+xml
search.svg
alchemy.staging.cibcomms.co.uk/assets/img/
1 KB
801 B
Image
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/img/search.svg
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
87fd08e9ac238b804b7bcfd2ebc2b9df0de680028f663572aa97700b01be190d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 15:16:44 GMT
server
nginx
etag
W/"575-5c00459ef7e3d"
vary
Accept-Encoding
content-type
image/svg+xml
logo.svg
alchemy.staging.cibcomms.co.uk/assets/img/
15 KB
5 KB
Image
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/img/logo.svg
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
e65403ef46c7017d5608002d063211c7dcc735d05ed04a1c0c19e436c4bc4a56

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 15:16:44 GMT
server
nginx
etag
W/"3ac6-5c00459eda97d"
vary
Accept-Encoding
content-type
image/svg+xml
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/
87 KB
28 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
29797
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27958
last-modified
Mon, 04 May 2020 23:01:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb09ed3-15d84"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5rX9MuDNQ7uQpBy6BDuJg4Dw97S%2FefsU9leAQjmwmyyXBevQ6J6jY%2FCKaVR0P%2F%2FAc6tezmGTYA%2FIXRPtc6OCol0eSIn1P%2FgZsIrXiFFQ%2BanNCn97KaiRAfRjwFK4x5jKc9hJ1M3LZyKK%2ByutRcx0xKS"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7971a4287f5323b8-LHR
expires
Wed, 31 Jan 2024 03:08:36 GMT
jquery.fancybox.min.js
cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.5.6/dist/
67 KB
22 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/@fancyapps/fancybox@3.5.6/dist/jquery.fancybox.min.js
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c787a5704661491a0877721ca934b66aa26ac70f8a8eab8ccc48c86c86a41556
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
fastly-original-body-size
21997
age
1303828
x-jsd-version
3.5.6
content-encoding
br
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19126-FRA, cache-jnb7025-JNB
x-jsd-version-type
version
server
cloudflare
etag
W/"10a64-nisgWojJSfyOanVQ1QLavisatMA"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JQKNTuMVJPEGwzdTDf0Dy6rgtkwx8jB%2B1ojau3Ss7eGbdEhsEP%2FqeAKedQjPhX%2BVS9luOElkh74YmPaqxQm10xQbUD0oQ3aAD5IeNqcOwDlfgJlv8Z8bvO4aN0KZQ2C%2FNlmNlQ%2BRDgYn8idtCvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*
cf-ray
7971a42869d288a3-LHR
app.min.js
alchemy.staging.cibcomms.co.uk/assets/js/
9 KB
3 KB
Script
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/js/app.min.js
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
52dec3170ae8aed2f947c1efe138cac9b48fd17814999721e9f88aefbe80161f

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
br
last-modified
Thu, 15 Apr 2021 15:17:15 GMT
server
nginx
etag
W/"2294-5c0045bbe42fd"
vary
Accept-Encoding
content-type
application/javascript
ctrlstn.min.js
ctrlstn.com/assets/js/
341 B
775 B
Script
General
Full URL
https://ctrlstn.com/assets/js/ctrlstn.min.js
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97775ae2df820f92e7243f34726e76ef2eed36dd8586ebea84684521053348dd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 03 Feb 2021 16:30:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
504444
etag
W/"155-5ba711bdf90e9-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s7rVfKuBJMyVz6bALmhxy3kvVBsPbzda4mS%2Bgo47y8CULhn6CG%2BnBn93%2FWgigi5kbPVs%2BNWHJNnrIgmeLcWJi5NHaw4imrgcVha3k7HHj5SHIV7C8Lf%2FCGZIDgr%2BRvlb7qgYjjc4ngxNgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
private, max-age=5356800
cf-ray
7971a428abad747c-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 14 Jan 2024 23:15:24 GMT
Micromulse-Bubbles.png
alchemy.staging.cibcomms.co.uk/assets/uploads/images/_hero/
620 KB
620 KB
Image
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/uploads/images/_hero/Micromulse-Bubbles.png
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
8f3915d68d66428a01ce6d113e2624887d4a5385ef8c999eff01966cc9943ebd

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
last-modified
Wed, 24 Mar 2021 09:15:43 GMT
server
nginx
accept-ranges
bytes
etag
"9ae1b-5be44be480dc0"
content-length
634395
content-type
image/png
Vanilla-flower.jpg
alchemy.staging.cibcomms.co.uk/assets/uploads/images/_hero/
76 KB
76 KB
Image
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/uploads/images/_hero/Vanilla-flower.jpg
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
161a7c0687eb147a82abb1520151edcfc707143b33b643cd3d301cbe7b46185d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
last-modified
Tue, 16 Feb 2021 16:38:56 GMT
server
nginx
accept-ranges
bytes
etag
"130fc-5bb76bd0f8800"
content-length
78076
content-type
image/jpeg
transparent-gel-lilac.jpg
alchemy.staging.cibcomms.co.uk/assets/uploads/images/_hero/
92 KB
92 KB
Image
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/uploads/images/_hero/transparent-gel-lilac.jpg
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
322a8a7ab91cf41d7e24d4dad1cb1d5a19a41ab07592829ca46f064c82e2473d

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
last-modified
Mon, 18 Jan 2021 09:49:46 GMT
server
nginx
accept-ranges
bytes
etag
"17028-5b929a45e6280"
content-length
94248
content-type
image/jpeg
905567773.jpg
alchemy.staging.cibcomms.co.uk/assets/uploads/images/_snippet/
20 KB
20 KB
Image
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/uploads/images/_snippet/905567773.jpg
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
0c3f6e20a3cd9167c4fd05f00e91cc4542c18f6c556499ac5ca88459e5f01ed3

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
last-modified
Mon, 18 Jan 2021 09:49:47 GMT
server
nginx
accept-ranges
bytes
etag
"4ef5-5b929a46da4c0"
content-length
20213
content-type
image/jpeg
Kelp.jpg
alchemy.staging.cibcomms.co.uk/assets/uploads/images/_snippet/
64 KB
64 KB
Image
General
Full URL
https://alchemy.staging.cibcomms.co.uk/assets/uploads/images/_snippet/Kelp.jpg
Requested by
Host: alchemy.staging.cibcomms.co.uk
URL: https://alchemy.staging.cibcomms.co.uk/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
138.68.133.172 London, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
63e89aa053f7a68b98d5651d25d48fb818f8c765b63977dfc9bf243cff185d11

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
last-modified
Tue, 16 Feb 2021 16:23:01 GMT
server
nginx
accept-ranges
bytes
etag
"10120-5bb7684236340"
content-length
65824
content-type
image/jpeg
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/
44 KB
44 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://alchemy.staging.cibcomms.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Tue, 07 Feb 2023 22:49:22 GMT
x-content-type-options
nosniff
age
188354
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 07 Feb 2024 22:49:22 GMT
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v34/
47 KB
47 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://alchemy.staging.cibcomms.co.uk
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 19:22:25 GMT
x-content-type-options
nosniff
age
546371
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47952
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:22:41 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Feb 2024 19:22:25 GMT
v2.js
ctrlstn.com/assets/js/
121 KB
40 KB
Script
General
Full URL
https://ctrlstn.com/assets/js/v2.js
Requested by
Host: ctrlstn.com
URL: https://ctrlstn.com/assets/js/ctrlstn.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4edfb22b631c83a41369a022fd60d6ad2e5bec9d2ff83f37ab30b33e8ab5b820

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
582110
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 31 Mar 2021 11:40:49 GMT
server
cloudflare
etag
W/"1e285-5bed3961f2d33-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4aNDqTNd6DWw1iN6rF2SkQt%2FN9AUnt%2F1kC3zWfXu3r9KYqqQftIokicSsd%2BOvKtEi60A4EoOBCLH6nGH2KsNhOZFVpkhc%2Bbt%2FPu7BUoYWTOYxTI02HfqF4oTWcmurtGriWIMhouZimb%2Flg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
3227336
content-type
application/javascript
cache-control
private, max-age=5356800
cf-ray
7971a4293bef747c-LHR
expires
Fri, 26 Jan 2024 01:01:34 GMT
cookies
ctrlstn.com/en/api/
12 KB
4 KB
XHR
General
Full URL
https://ctrlstn.com/en/api/cookies
Requested by
Host: ctrlstn.com
URL: https://ctrlstn.com/assets/js/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Craft CMS
Resource Hash
4469ff06fc374622dfad0430277761b039342de3cce8601da8b0b56d66198c40

Request headers

Accept
application/json, text/plain, */*
Referer
https://alchemy.staging.cibcomms.co.uk/
accept-language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundaryPM2c3hpoXtMNaFSm

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by
Craft CMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SsjyMarREbsFh1%2BWE7HzZLQ6dkuFV8DrQqkQPe1iq3VkCwefjGLwU%2BKyY6Yj74SHP1uFMVzMCNw2wdnzaklJ79yAT551UDOyPGHNjjfkapC17SM0GHwR0VNSGz1BIOa2zlElOdh1FmRqcw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
private, must-revalidate
cf-ray
7971a42a2845e684-LHR
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Fri, 10 Feb 2023 03:08:36 GMT
v2.min.css
ctrlstn.com/assets/css/
5 KB
2 KB
Stylesheet
General
Full URL
https://ctrlstn.com/assets/css/v2.min.css
Requested by
Host: ctrlstn.com
URL: https://ctrlstn.com/assets/js/v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c641bd5a0b77b33d21083483976de627dbed468c224acb9e51e9829b83db153

Request headers

accept-language
en-GB,en;q=0.9
Referer
https://alchemy.staging.cibcomms.co.uk/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 03:08:36 GMT
via
1.1 varnish-v4
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
582623
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sun, 31 Jan 2021 17:19:23 GMT
server
cloudflare
etag
W/"154c-5ba35704663b4-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BHndZU9L1cLxhuxaqrqf4fSonJajdidqzoOtJTXeoA7FmysiBW5uGumBDfhmy0nSy8jV3tQB1c6zw%2Bv5hqlTjuxbWu1ta1RdsU3OA41GYn672%2BprUm3SC845dzAB2aAwe6LVkFMJW56mYg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-varnish
20081205 19810567
content-type
text/css
cache-control
public, max-age=5356800
cf-ray
7971a42b1c7371ea-LHR
expires
Tue, 30 Jan 2024 05:54:27 GMT

Verdicts & Comments Add Verdict or Comment

27 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery function| detectIE number| currentIndex function| positionFooter function| beginAppear function| positionFooterWhenPageContentChanges function| generateBackgroundImage object| App string| csrfTokenValue object| CtrlStn string| mkConsentLanguage string| mkCookieElement number| mkCookieElementHeadingLevel string| mkSite boolean| manualAppear function| _typeof object| regeneratorRuntime object| __core-js_shared__ object| core function| setImmediate function| clearImmediate boolean| _babelPolyfill object| dataLayer object| ctrlstn

7 Cookies

Domain/Path Name / Value
alchemy.staging.cibcomms.co.uk/ Name: CraftSessionId
Value: 4e0b05aedcdff1e7ef7505f194a6a7d0
alchemy.staging.cibcomms.co.uk/ Name: quote_basket
Value: f811ffec143486fa603239150adaed22aa922fc8s%3A2%3A%22%5B%5D%22%3B
alchemy.staging.cibcomms.co.uk/ Name: CRAFT_CSRF_TOKEN
Value: 1d75d6d542ff597d895c23ffbe046836482b075ds%3A40%3A%22ZTYfgunNAy9KSRpyOhOqmhpSA0BIak4QehfclSM0%22%3B
alchemy.staging.cibcomms.co.uk/ Name: mkconsent_id
Value: a34be78563fb18a27020bf16e7c1a3c2
alchemy.staging.cibcomms.co.uk/ Name: mkconsent_performance
Value: 0
alchemy.staging.cibcomms.co.uk/ Name: mkconsent_functional
Value: 0
alchemy.staging.cibcomms.co.uk/ Name: mkconsent_targeting
Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

alchemy.staging.cibcomms.co.uk
cdn.jsdelivr.net
cdnjs.cloudflare.com
ctrlstn.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
138.68.133.172
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:811::2003
2a00:1450:4001:828::200a
2a06:98c1:3121::3
0c3f6e20a3cd9167c4fd05f00e91cc4542c18f6c556499ac5ca88459e5f01ed3
161a7c0687eb147a82abb1520151edcfc707143b33b643cd3d301cbe7b46185d
2c641bd5a0b77b33d21083483976de627dbed468c224acb9e51e9829b83db153
322a8a7ab91cf41d7e24d4dad1cb1d5a19a41ab07592829ca46f064c82e2473d
3c92f794c2a5cc38bd8cfb0ab055930574bec667902df7aa209fd39df6138f50
4469ff06fc374622dfad0430277761b039342de3cce8601da8b0b56d66198c40
4edfb22b631c83a41369a022fd60d6ad2e5bec9d2ff83f37ab30b33e8ab5b820
52dec3170ae8aed2f947c1efe138cac9b48fd17814999721e9f88aefbe80161f
56e46aefe8b2b41877c4cf7ee22d447f095df695f0507a5e0c545d8f3d462efb
5736e3eec0c34bfc288854b7b8d2a8f1e22e9e2e7dae3c8d1ad5dfb2d4734ad0
63e89aa053f7a68b98d5651d25d48fb818f8c765b63977dfc9bf243cff185d11
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87fd08e9ac238b804b7bcfd2ebc2b9df0de680028f663572aa97700b01be190d
8f3915d68d66428a01ce6d113e2624887d4a5385ef8c999eff01966cc9943ebd
8fff79a374d7b8085d62150bda6841c268e3cf4fe85a72469a2098f8d718e47a
97775ae2df820f92e7243f34726e76ef2eed36dd8586ebea84684521053348dd
a6c616619891f86e73c32a598672a7689fb294deed32dc306e0aad8dfeadcc93
a87d4a4d40583c35087e6af0246f7e54156def5837f14ef2551d89fb9c1330fa
c787a5704661491a0877721ca934b66aa26ac70f8a8eab8ccc48c86c86a41556
e65403ef46c7017d5608002d063211c7dcc735d05ed04a1c0c19e436c4bc4a56
f2093ab2f670f61d03df80252add802d4fdc564f6ff4deb7e3c5b34d6f8f4d65
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d