urlscan.io logo urlscan.io
SecurityTrails logo

nrcommercials.com Open in urlscan Pro
188.114.96.3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://aogkj.nimsite.uk/
Effective URL: https://nrcommercials.com/
Submission: On August 19 via api from US — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 4 domains to perform 15 HTTP transactions. The main IP is 188.114.96.3, located in Amsterdam, Netherlands and belongs to CLOUDFLARENET, US. The main domain is nrcommercials.com.
TLS certificate: Issued by WE1 on July 30th 2024. Valid for: 3 months.
This is the only time nrcommercials.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 93.114.185.200 21396 (NETCONNEX...)
2 188.114.96.3 13335 (CLOUDFLAR...)
12 151.101.65.91 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
15 4
Domain Requested by
12 nrcommercials-com.nimbus-cdn.uk nrcommercials.com
2 nrcommercials.com nrcommercials.com
1 fonts.gstatic.com nrcommercials.com
1 aogkj.nimsite.uk 1 redirects
15 4

This site contains links to these domains. Also see Links.

Domain
www.google.co.uk
www.facebook.com
www.instagram.com
sereneagency.com
Subject Issuer Validity Valid
nrcommercials.com
WE1		 2024-07-30 -
2024-10-28		 3 months crt.sh
*.nimbus-cdn.uk
R10		 2024-07-05 -
2024-10-03		 3 months crt.sh
*.gstatic.com
WR2		 2024-07-30 -
2024-10-22		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://nrcommercials.com/
Frame ID: D89F76EA21695646E7761287BF7AF973
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home - NR Commercials

Page URL History Show full URLs

  1. https://aogkj.nimsite.uk/ HTTP 301
    https://nrcommercials.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <link [^>]*href=(?:"|')[^"']*elementor/assets
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

4
Domains

4
Subdomains

4
IPs

4
Countries

1031 kB
Transfer

1582 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://aogkj.nimsite.uk/ HTTP 301
    https://nrcommercials.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

15 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
nrcommercials.com/
Redirect Chain
  • https://aogkj.nimsite.uk/
  • https://nrcommercials.com/
613 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://nrcommercials.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
0d73fac29c6071f82911c8dcc07dff60fa4e80124fbaae192d876c95d78ddead
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8b5b68c05b3d071a-LHR
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 19 Aug 2024 16:09:38 GMT
last-modified
Mon, 19 Aug 2024 08:27:34 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ePtj3vzolQ7uSdwYCkhZ8TtFwiqNmdFWWW94jlb%2Brn2o7AgE0Wkj%2BNecMwjadEiKmGSQlUpMG42YbCbuwERnKqlzBrM1w2cER8OaXmSm2dofujzlcbVRMl3W5IIf4%2BCuAOKxIg%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-powered-by
NIMHOST
x-served-by
7ba09dc65080bc28b66f6877112df31a

Redirect headers

content-length
0
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Mon, 19 Aug 2024 16:09:38 GMT
location
https://nrcommercials.com/
server
nginx
vary
Accept-Encoding
x-powered-by
NIMHOST
x-redirect-by
WordPress
x-robots-tag
noindex, nofollow, nosnippet, noarchive
x-served-by
7ba09dc65080bc28b66f6877112df31a
eicons.woff2
nrcommercials-com.nimbus-cdn.uk/wp-content/plugins/elementor/assets/lib/eicons/fonts/ 		95 KB
96 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/plugins/elementor/assets/lib/eicons/fonts/eicons.woff2?5.30.0
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
a9d91bb4ea3abc75e9ab91b81711137a82b3f52b1aa30c99f3c10e190a56717a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://nrcommercials.com/
Origin
https://nrcommercials.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
date
Mon, 19 Aug 2024 16:09:38 GMT
age
322736
x-powered-by
NIMHOST
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
97132
x-served-by
7ba09dc65080bc28b66f6877112df31a, cache-lon420145-LON, cache-fra-etou8220053-FRA
last-modified
Mon, 05 Aug 2024 16:26:19 GMT
server
cloudflare
x-timer
S1724083779.945572,VS0,VE14
etag
"66b0fd2b-17b6c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YMJnyPpxWaEInr%2F%2F%2F8096kZv0vy2sjIIR%2Fo5AS%2BHuwyLpb%2Flc%2Bn%2B95jz2I%2B%2BwDf7NwP4M7Gr%2B1qKlLe9hw8xwZqC96oKXNWyh8lRAWew3p6zU36LfdFq18gKgmJ5vm4xM1M8yw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3ca174cc23491f-LHR
x-cache-hits
7, 0
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 		47 KB
48 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://nrcommercials.com/
Origin
https://nrcommercials.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Tue, 13 Aug 2024 14:03:23 GMT
x-content-type-options
nosniff
age
525975
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48236
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 13 Aug 2025 14:03:23 GMT
fa-solid-900.woff2
nrcommercials-com.nimbus-cdn.uk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-solid-900.woff2
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://nrcommercials.com/
Origin
https://nrcommercials.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
date
Mon, 19 Aug 2024 16:09:39 GMT
age
0
x-powered-by
NIMHOST
x-cache
MISS, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
78196
x-served-by
7ba09dc65080bc28b66f6877112df31a, cache-lon4229-LON, cache-fra-etou8220053-FRA
last-modified
Mon, 05 Aug 2024 16:26:19 GMT
server
cloudflare
x-timer
S1724083779.945495,VS0,VE74
etag
"66b0fd2b-13174"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2B3YthUdNH5MkeXxQSIZX09NEKCq%2FMTmQX%2B2TuwjVUdgKTBUMOvoDRu83DeRzn%2FXtAiOqTnYnxhJchwtjSV1uRx5QunP61H5vDZsHyeIHyrIH%2Bu88coJfRphFDsGTGqJTtfkeHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b5b68c28f6a940c-LHR
x-cache-hits
0, 0
fa-brands-400.woff2
nrcommercials-com.nimbus-cdn.uk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/ 		80 KB
80 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/plugins/elementor/assets/lib/font-awesome/webfonts/fa-brands-400.woff2
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://nrcommercials.com/
Origin
https://nrcommercials.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
date
Mon, 19 Aug 2024 16:09:38 GMT
age
322736
x-powered-by
NIMHOST
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
81612
x-served-by
7ba09dc65080bc28b66f6877112df31a, cache-lon4224-LON, cache-fra-etou8220053-FRA
last-modified
Mon, 05 Aug 2024 16:26:19 GMT
server
cloudflare
x-timer
S1724083779.945475,VS0,VE16
etag
"66b0fd2b-13ecc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iud60qcuS9vbkSIMsmmqTx2ciLSaJe6WvLZXqmEiAfePDDxXc0eeevlqYu22P2rt%2FWvag4LsnqvwkfJa45UQ6u21UG%2B2X7TdvQhDwUkon8vGYeKNukX97aQAMOabLIrFSfDQIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3ca174cc1d60ee-LHR
x-cache-hits
7, 0
nr-commercials-logo.png
nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/04/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/04/nr-commercials-logo.png?format=webp
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2c9ef79782a456afea9db464c018408bafb7d8c893ed916cc25ae2ef6638d8a

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 16:09:39 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fastly-io-served-by
vpop-etou8240195
age
323088
x-cache
HIT, MISS
fastly-io-info
ifsz=7505 idim=225x35 ifmt=png ofsz=3516 odim=225x35 ofmt=webp
x_webp_sp_miss
/wp-content/uploads/2024/04/nr-commercials-logo.webp
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3516
x-served-by
cache-lon420092-LON, cache-fra-etou8220038-FRA
server
cloudflare
x-timer
S1724083779.032896,VS0,VE14
etag
"a1OTywnigKbrcZKL0VFntX9Yeq+C6N3iF8tzTqItd0Q"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fa99IFvEi%2Fbdfidh%2BLYcThyt9y16lkzmVCDsrUJRoTr6BX7XTGkdTqcAlp88U2UKf1U0JDgRLsDuf%2F5VKQKRixkMhFbLaTkwiO04TjVK3B5d26J6K671I6X0MoumL2qREf%2FgjA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3c98e0adcb79ae-LHR
x-cache-hits
9, 0
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
047c98fa14fe45f9459c8256ab778f40cb9fce03557763b2906a763b2c6675a9

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
google-icon-logo.svg
nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/04/ 		1 KB
947 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/04/google-icon-logo.svg
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
739d84e7262821db19a336bab00b4dc5354027bf4a3f7c9c2420000cacff6dc5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
date
Mon, 19 Aug 2024 16:09:39 GMT
age
322934
x-powered-by
NIMHOST
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
521
x-served-by
7ba09dc65080bc28b66f6877112df31a, cache-lon420111-LON, cache-fra-etou8220038-FRA
last-modified
Fri, 07 Jun 2024 10:47:36 GMT
server
cloudflare
x-timer
S1724083779.033183,VS0,VE13
etag
W/"6662e548-451"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRNSkybH2vq90h6X4w1U%2F%2BsB4grVOD%2BkAzfzxAS%2BM2%2B5Mb7MjikIMcXhSQmF2psAHAKJ%2BJDfDLjFS4awLWAJXw8a79zaxW958fYCDBTqymPusj42xPZ3L%2B%2B83u%2ButT6c0X9hKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3c9ca26d889490-LHR
x-cache-hits
8, 0
Group-46.svg
nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/06/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/06/Group-46.svg
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
c8558ed86853ab9124f1475598a01d1f3fed40e8e2f166f36cde1a8eb843ab5f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
date
Mon, 19 Aug 2024 16:09:39 GMT
age
322934
x-powered-by
NIMHOST
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
344
x-served-by
7ba09dc65080bc28b66f6877112df31a, cache-lon420091-LON, cache-fra-etou8220038-FRA
last-modified
Fri, 07 Jun 2024 10:48:00 GMT
server
cloudflare
x-timer
S1724083779.033241,VS0,VE16
etag
W/"6662e560-730"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=c9i9E5sXDZUHq8MdFj7bryL0%2BQDoAH0Y4i3NvSiiWBgfDm6pywaAGqslYZhwPEKALlROp2TWkRpRvl1N%2B2ZD8MWMflCH6%2BWutzYwNNk1k4aKC2H%2Fe1049JPLfzrk3Vefureg7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3c9ca2583079ae-LHR
x-cache-hits
8, 0
NR-Commercials-Workshop-2-1536x1024.jpg
nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/04/ 		161 KB
162 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/04/NR-Commercials-Workshop-2-1536x1024.jpg?format=webp
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ffb3dde45efcef9215df3e9020cbec50705f88a752855c62c128ab3bda2b7e0

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 16:09:39 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fastly-io-served-by
vpop-etou8240192
age
322608
x-cache
HIT, MISS
fastly-io-info
ifsz=266734 idim=1536x1024 ifmt=jpeg ofsz=165270 odim=1536x1024 ofmt=webp
x_webp_sp_miss
/wp-content/uploads/2024/04/NR-Commercials-Workshop-2-1536x1024.webp
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
165270
x-served-by
cache-lon420107-LON, cache-fra-etou8220038-FRA
server
cloudflare
x-timer
S1724083779.033217,VS0,VE52
etag
"UBuGajZ0UEF7oZL8Q99H1+e9udTkT51OFYxzaU3Qwww"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=MYjuf0JNoNoafquLnfk%2BxtsHM2RWWoFORpfvNJbMQQb00frgTZdEzrI6mApdt%2BDtw5t%2B6fky9GqSaa63G%2B6czkZgTb8EhmY%2F2%2FSc2bvr9s8alzdeDvcS6Tt7PWRiGsU3Oa23UQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3ca4970fbe6316-LHR
x-cache-hits
5, 0
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
363ae2b854a436acd16c6d4be81f7b66567ce15c856facafd673f87dac0c6c9b

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		70 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9ea0308302cda4c73fba9ff7a5c4ed8e77004aa10df33aba5a9468e68ca2fda1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
809a0a88a3fffe27a9901006761e42ddf71f28089f28d29dd6346b02b3ff8fdd

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
213cdc73309f973f10c0508d6169f03c205526e29b9fa4916e5e0f93fbc8507e

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
844e76725be8fd07242c48ef7d70965537380596bdba69ece65e80b7b055b7f1

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f5bd36727e3bd745c670301e1e560b33c8f0933a568d9d84ff66fde352c64896

Request headers

Referer
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml
email-decode.min.js
nrcommercials.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nrcommercials.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 16:09:38 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 13 Aug 2024 15:09:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"66bb771c-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dA3IjfqtJi%2F5E40ORZF%2F%2BWOXbOpn%2B4K6Ur%2By0AYGWD6vlt%2B5rTTpP0nWuJZLcWk6wnF0oaSeJf%2B12TFlBYKCgXs0l%2BHnMLaXFLnJQFIFw%2FqCqPtFCVX5VNPw4DYtz76V1GcTuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
8b5b68c2bd1d071a-LHR
expires
Wed, 21 Aug 2024 16:09:38 GMT
lazyload.min.js
nrcommercials-com.nimbus-cdn.uk/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/plugins/wp-rocket/assets/js/lazyload/17.8.3/lazyload.min.js
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
content-encoding
br
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
date
Mon, 19 Aug 2024 16:09:39 GMT
age
323088
x-powered-by
NIMHOST
x-cache
HIT, MISS
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
3061
x-served-by
7ba09dc65080bc28b66f6877112df31a, cache-lon420102-LON, cache-fra-etou8220038-FRA
last-modified
Thu, 15 Aug 2024 21:29:20 GMT
server
cloudflare
x-timer
S1724083779.033230,VS0,VE13
etag
W/"66be7330-22bc"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=42bJZACXhKhKh1opaDAp9Ykk2cq2RkeaCLyisb2vN9OF%2B7GyGIldqZ4f1obqJeK4FL3Wo0pn8DQN%2B0GfxpJar8e3bsOSEfKkTFsOD2KPTk0NuAGhidLXVLrOc5xi8ffnjYraZg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3c98e01e2a63f0-LHR
x-cache-hits
8, 0
NR-Commercials-LTD-Logo.png
nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/08/ 		86 KB
87 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/08/NR-Commercials-LTD-Logo.png?format=webp
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f715dc175093636f263d2eac7c43e8188189936479af1387510edaec07df5102

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 16:09:39 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fastly-io-served-by
vpop-etou8240192
age
286266
x-cache
HIT, MISS
fastly-io-info
ifsz=120018 idim=1920x128 ifmt=png ofsz=88170 odim=1920x128 ofmt=webp
x_webp_sp_miss
/wp-content/uploads/2024/08/NR-Commercials-LTD-Logo.webp
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
88170
x-served-by
cache-lon420086-LON, cache-fra-etou8220038-FRA
server
cloudflare
x-timer
S1724083779.289836,VS0,VE13
etag
"oKJjUi2CUCJGbVnd20xwxZg76CLV65GkTSz5+5NB8yo"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jLOCCtbPXqenO1CWJ0eyoCti%2BAifPuKPjvyk%2BkxI%2BJ4OvE82e4fRSqBko9KKntnwAAZu2aStTHyZ9tSZRbRq3M9rbA3WmJhzo8E%2FLvvONhWLcZqXrVCOtqNMCIANjST%2F6I2YCA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b401bd73baa6547-LHR
x-cache-hits
3, 0
IMG_8472-edit.jpg
nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/08/ 		249 KB
250 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/08/IMG_8472-edit.jpg?format=webp
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4428a67c7a1a12e742915fb7d144beec17460412a95c748503233795f49d63d4

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 16:09:39 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fastly-io-served-by
vpop-etou8240199
age
323088
x-cache
HIT, MISS
fastly-io-info
ifsz=723892 idim=1440x1080 ifmt=jpeg ofsz=255398 odim=1440x1080 ofmt=webp
x_webp_sp_miss
/wp-content/uploads/2024/08/IMG_8472-edit.webp
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
255398
x-served-by
cache-lon4277-LON, cache-fra-etou8220038-FRA
server
cloudflare
x-timer
S1724083779.290724,VS0,VE14
etag
"7m9KwSApKIuAA417MlrJwXQSNb4VZTkoxYlkKQOckDo"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UNpmsrnG6By1hMtgj5sKgvHwvTAD7o344FfDWWZxhOu6yZ8LBqpDoKD07CgcQlnmWBqEQDc5NRg7FDYLDcjIyhwfy6DqCKFvrhSdlc2UmPC%2FcdZTgfWQ3BuWqk4yqL2G0S2m1g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3c98e17ec0416a-LHR
x-cache-hits
8, 0
IMG_9182-1024x683.jpeg
nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/07/ 		156 KB
157 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/07/IMG_9182-1024x683.jpeg?format=webp
Requested by
Host: nrcommercials.com
URL: https://nrcommercials.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare / NIMHOST
Resource Hash
ab30ea4eb561ed44d0f2b30404e394a66442bbdd943a3984db0bfbbb23291c4f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
date
Mon, 19 Aug 2024 16:09:39 GMT
fastly-io-served-by
vpop-etou8240192
age
322736
x-powered-by
NIMHOST
x-cache
HIT, MISS
fastly-io-info
ifsz=274680 idim=1024x683 ifmt=jpeg ofsz=159918 odim=1024x683 ofmt=webp
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
159918
x-served-by
7ba09dc65080bc28b66f6877112df31a, cache-lon4279-LON, cache-fra-etou8220038-FRA
server
cloudflare
x-timer
S1724083779.298127,VS0,VE14
etag
"McAN/nukTk7kTiO5uxrcemUVObpw16d7emkA6TZo7Sw"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gxkUhq%2BT7uGr%2F1ZJVrHjzwBvusK1vHvzrmdKfxj8HwvhDng%2FUW8vNBZN%2FRPbg7u7eb3sFa%2Fni5LqtWYZ01GDJjqG60Kx9OLS7htCQWa1M2Avpe6AX2G2C1Y8Ql2D4tFYDZ1NeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3ca1772e3403bb-LHR
x-cache-hits
1, 0
cropped-nr-commercials-logo-32x32.png
nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/04/ 		954 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/04/cropped-nr-commercials-logo-32x32.png?format=webp
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
151.101.65.91 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05b886cfb9b88e95574527b780252d9456c00699eb3eddf8551b46d41b3b084b

Request headers

Referer
https://nrcommercials.com/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36

Response headers

date
Mon, 19 Aug 2024 16:09:39 GMT
via
1.1 varnish, 1.1 varnish
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
fastly-io-served-by
vpop-etou8240194
age
322934
x-cache
HIT, MISS
fastly-io-info
ifsz=1135 idim=32x32 ifmt=png ofsz=954 odim=32x32 ofmt=webp
x_webp_sp_miss
/wp-content/uploads/2024/04/cropped-nr-commercials-logo-32x32.webp
fastly-stats
io=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
954
x-served-by
cache-lon420128-LON, cache-fra-etou8220078-FRA
server
cloudflare
x-timer
S1724083780.721849,VS0,VE13
etag
"VTkLSSyFQEa0VRv8JIC/qIw7Arb0PABtb5yY2T4LTqY"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=2cuBCsPrG32SrfGX3S8Ler%2FTAh4RB6kSsKOYIt66uq%2B8xvIMgByy%2BvPCTZw85FSy%2Fpu1koeQRdJH2nZwDoV6VxlTnhnVn5LdkWQmID7rfqiLkePxZaiEKzkuqyAVV0nLMV4IOA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=16070400
accept-ranges
bytes
cf-ray
8b3c9ca35fcf9492-LHR
x-cache-hits
6, 0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| RocketPreloadLinksConfig object| rocket_lazyload_css_data object| JetEngineSettings object| JetSmartFilterSettings object| lazyLoadOptions function| lazyLoadThumb function| lazyLoadYoutubeIframe function| LazyLoad function| addEventListenerWPRocketBase

0 Cookies

1 Console Messages

Source Level URL
Text
javascript warning URL: https://nrcommercials.com/
Message:
The resource https://nrcommercials-com.nimbus-cdn.uk/wp-content/uploads/2024/04/nr-commercials-logo.png?format=webp was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aogkj.nimsite.uk
fonts.gstatic.com
nrcommercials-com.nimbus-cdn.uk
nrcommercials.com
151.101.65.91
188.114.96.3
2a00:1450:4001:830::2003
93.114.185.200
047c98fa14fe45f9459c8256ab778f40cb9fce03557763b2906a763b2c6675a9
05b886cfb9b88e95574527b780252d9456c00699eb3eddf8551b46d41b3b084b
0d73fac29c6071f82911c8dcc07dff60fa4e80124fbaae192d876c95d78ddead
213cdc73309f973f10c0508d6169f03c205526e29b9fa4916e5e0f93fbc8507e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
363ae2b854a436acd16c6d4be81f7b66567ce15c856facafd673f87dac0c6c9b
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4428a67c7a1a12e742915fb7d144beec17460412a95c748503233795f49d63d4
5ffb3dde45efcef9215df3e9020cbec50705f88a752855c62c128ab3bda2b7e0
6b2680fab784d245cbb23d3b51e8d18740e8fc1c7c1c8eadcf0b2b7612125ff8
739d84e7262821db19a336bab00b4dc5354027bf4a3f7c9c2420000cacff6dc5
809a0a88a3fffe27a9901006761e42ddf71f28089f28d29dd6346b02b3ff8fdd
844e76725be8fd07242c48ef7d70965537380596bdba69ece65e80b7b055b7f1
9ea0308302cda4c73fba9ff7a5c4ed8e77004aa10df33aba5a9468e68ca2fda1
a9d91bb4ea3abc75e9ab91b81711137a82b3f52b1aa30c99f3c10e190a56717a
ab30ea4eb561ed44d0f2b30404e394a66442bbdd943a3984db0bfbbb23291c4f
c8558ed86853ab9124f1475598a01d1f3fed40e8e2f166f36cde1a8eb843ab5f
d0b4256abed72481585662971262eabee345c19f837af00d7ce24239d3b40eef
d2c9ef79782a456afea9db464c018408bafb7d8c893ed916cc25ae2ef6638d8a
f40767552e5e94b2d5f9a65d7f640cfa7d225298023dbd682095e040809a3d1a
f5bd36727e3bd745c670301e1e560b33c8f0933a568d9d84ff66fde352c64896
f715dc175093636f263d2eac7c43e8188189936479af1387510edaec07df5102