ba03ea20a1.nxcli.io Open in urlscan Pro
8.29.157.83 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://ba03ea20a1.nxcli.io/
Submission: On December 07 via api (December 7th 2023, 11:53:10 am UTC) from US — Scanned from US

Summary HTTP 30 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 2 IPs in 1 countries across 1 domains to perform 30 HTTP transactions. The main IP is 8.29.157.83, located in United States and belongs to NEXCESS-NET, US. The main domain is ba03ea20a1.nxcli.io.
TLS certificate: Issued by R3 on December 4th 2023. Valid for: 3 months.

This is the only time ba03ea20a1.nxcli.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
30	8.29.157.83 8.29.157.83		36444 (NEXCESS-NET) (NEXCESS-NET)
30	2

30 8.29.157.83 (United States)

ASN36444 (NEXCESS-NET, US)
PTR: cloudhost-1105217.us-midwest-1.nxcli.net

ba03ea20a1.nxcli.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	nxcli.io ba03ea20a1.nxcli.io	3 MB
30	1

	Domain	Requested by
30	ba03ea20a1.nxcli.io	ba03ea20a1.nxcli.io
30	1

This site contains no links.

Subject Issuer	Validity	Valid
ba03ea20a1.nxcli.io R3	`2023-12-04` - `2024-03-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://ba03ea20a1.nxcli.io/
Frame ID: 53FAC66D7DD1C7C48A8DAC230F1C05FB
Requests: 31 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Broadleaf Services - Technology for Federal & Private Industry

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -

Swiper Slider (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swiper(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

0 %
IPv6

1
Domains

1
Subdomains

2
IPs

1
Countries

2942 kB
Transfer

3718 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response ba03ea20a1.nxcli.io/	70 KB 13 KB	528ms 388ms	Document text/html	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `5907d35a476f671b8f2ed351c666fab0d772210c1889dedd0fdd2f1fb4e7e39c` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 accept-language en-US,en;q=0.9 Response headers content-encoding br content-type text/html; charset=UTF-8 date Thu, 07 Dec 2023 11:53:04 GMT link <https://ba03ea20a1.nxcli.io/wp-json/>; rel="https://api.w.org/" <https://ba03ea20a1.nxcli.io/wp-json/wp/v2/pages/2>; rel="alternate"; type="application/json" <https://ba03ea20a1.nxcli.io/>; rel=shortlink server nginx vary Accept-Encoding x-cache-nxaccel BYPASS
GET H2	200	bootstrap.min.css ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/bootstrap/	138 KB 18 KB	80ms 76ms	Stylesheet text/css	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/bootstrap/bootstrap.min.css?ver=1 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `cbde5e63264b446818cbe9fd114588f73db7cbb2db3aa86295b0e3646a0146cf` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 13:34:52 GMT server nginx etag W/"2265b-60bc34ca8b081" vary Accept-Encoding x-cache-nxaccel MISS content-type text/css
GET H2	200	style.min.css ba03ea20a1.nxcli.io/wp-includes/css/dist/block-library/	107 KB 13 KB	92ms 88ms	Stylesheet text/css	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-includes/css/dist/block-library/style.min.css?ver=6.4.2 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Mon, 04 Dec 2023 23:05:33 GMT server nginx etag W/"1add3-60bb727bba472" vary Accept-Encoding content-type text/css x-nocache 1
GET H2	200	bootstrap-icons.min.css ba03ea20a1.nxcli.io/wp-content/plugins/advanced-tabs-block/assets/css/	80 KB 12 KB	79ms 76ms	Stylesheet text/css	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/plugins/advanced-tabs-block/assets/css/bootstrap-icons.min.css?ver=1.2.1 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `062719b100219061c8a11fff201d9a98f3794ab45bddf1c1f2d16c9ea440c279` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 13:38:27 GMT server nginx etag W/"14010-60bc359794613" vary Accept-Encoding x-cache-nxaccel MISS content-type text/css
GET H2	200	224b59cfdccd983f3d58ed0bc5ec74d0.css ba03ea20a1.nxcli.io/wp-content/fonts/	787 B 388 B	80ms 77ms	Stylesheet text/css	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/fonts/224b59cfdccd983f3d58ed0bc5ec74d0.css Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `2606213e6e0d58f6dff4797f473176675686d911f64906c8f10e0c956870f873` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 13:51:02 GMT server nginx etag W/"313-60bc3866e829a" vary Accept-Encoding x-cache-nxaccel MISS content-type text/css
GET H2	200	style.css ba03ea20a1.nxcli.io/wp-content/themes/sydney/	1 KB 702 B	81ms 78ms	Stylesheet text/css	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/style.css?ver=20230821 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `1a91a493c14ae78bbfda7946b9acf4a8251b0163b711a46768cbfa81fc6380b6` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 13:34:52 GMT server nginx etag W/"53b-60bc34ca7f501" vary Accept-Encoding x-cache-nxaccel MISS content-type text/css
GET H2	200	swiper.css ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/	18 KB 4 KB	81ms 78ms	Stylesheet text/css	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/swiper.css?ver=1.0 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `c94a0dc6cbd7f95a3c4eb8f7959fd8e5905ff0794116c07a5f09bbac7ef9ffd1` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 13:34:52 GMT server nginx etag W/"4804-60bc34ca800b9" vary Accept-Encoding x-cache-nxaccel MISS content-type text/css
GET H2	200	styles.min.css ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/	71 KB 12 KB	91ms 89ms	Stylesheet text/css	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/styles.min.css?ver=?php%20echo%20time();%20? Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `5c344a7d52a928b9fbdfee471259c072f1aa396c909b077f40a31ce261964938` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Wed, 06 Dec 2023 15:03:05 GMT server nginx etag W/"11a45-60bd8a5eedc40" vary Accept-Encoding content-type text/css x-nocache 1
GET H2	200	icomoon.css ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/framework/src/css/	63 KB 9 KB	79ms 77ms	Stylesheet text/css	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/framework/src/css/icomoon.css?ver=2.2.2 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `0dcb8b83e1a230f0addadd2436b3a42e8e342da492ff4b2769206d07a0fd9e7a` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 13:39:33 GMT server nginx etag W/"fc97-60bc35d5f703d" vary Accept-Encoding x-cache-nxaccel MISS content-type text/css
GET H2	200	cache.skin.css ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/src/css/	129 KB 11 KB	90ms 88ms	Stylesheet text/css	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/src/css/cache.skin.css?ver=1701791539 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `df019c272c973fca7ee86c4136356c0ae6c92399b446342bcfa72664b8026521` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 15:58:42 GMT server nginx etag W/"20566-60bc54efe1080" vary Accept-Encoding x-cache-nxaccel MISS content-type text/css
GET H2	200	jquery.min.js Show response ba03ea20a1.nxcli.io/wp-includes/js/jquery/	86 KB 29 KB	136ms 134ms	Script application/javascript	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-includes/js/jquery/jquery.min.js?ver=3.7.1 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Mon, 04 Dec 2023 23:05:33 GMT server nginx etag W/"15601-60bb727bd8103" vary Accept-Encoding content-type application/javascript x-nocache 1
GET H2	200	jquery-migrate.min.js Show response ba03ea20a1.nxcli.io/wp-includes/js/jquery/	13 KB 5 KB	206ms 204ms	Script application/javascript	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Mon, 04 Dec 2023 23:05:33 GMT server nginx etag W/"3509-60bb727bd7d1b" vary Accept-Encoding content-type application/javascript x-nocache 1
GET H2	200	logo.png ba03ea20a1.nxcli.io/wp-content/uploads/2023/11/	35 KB 35 KB	198ms 197ms	Image image/png	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/uploads/2023/11/logo.png Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `9348b83c00295f19e02fa427cbf2f42fd6109d8bd1f74c0ee4523125b0c1c59c` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 27 Nov 2023 06:08:47 GMT server nginx etag "8a25-60b1c228e39c0" x-cache-nxaccel MISS content-type image/png accept-ranges bytes content-length 35365
GET H2	200	home-slide.jpg ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/	503 KB 504 KB	184ms 184ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/home-slide.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `8f3624b7a0ea1366cceab4cc0640e5eccdc1f010db4262a99216e14a9afb8fca` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 04 Dec 2023 08:15:44 GMT server nginx etag "7dddc-60baab9740c00" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 515548
GET H2	200	eye.jpg ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/	512 KB 513 KB	134ms 131ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/eye.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `43eed7cc25853e1b02ce4f08a1a67a6786ef0d85cc839ac3a698edb180d2c469` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 04 Dec 2023 08:15:41 GMT server nginx etag "8008a-60baab9464540" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 524426
GET H2	200	girl.jpg ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/	267 KB 267 KB	161ms 158ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/girl.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `1c7629ae8bc95bc95e499fb339dc811e20a109591c92b4056f56031ec7b3b5a4` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 04 Dec 2023 08:15:34 GMT server nginx etag "42b01-60baab8db7580" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 273153
GET H2	200	beach.jpg ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/	380 KB 380 KB	121ms 118ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/beach.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `b8e19349226fb36a8cd009fae15d17dc585ca1424b450e0566d91bb5c4338135` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 04 Dec 2023 08:15:31 GMT server nginx etag "5eeb9-60baab8adaec0" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 388793
GET H2	200	post-1.jpg ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/	137 KB 138 KB	135ms 133ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/post-1.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `d0998390edf01c966f4db126dd12fae2316a673c9297ba4579ec1b43962f3e0c` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 04 Dec 2023 08:15:40 GMT server nginx etag "22574-60baab9370300" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 140660
GET H2	200	post-2.jpg ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/	148 KB 148 KB	131ms 130ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/post-2.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `4ce93217a59d2d1ddd318e6a40e0cbe35dc21ac7df0b6221318a1db21c40699f` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 04 Dec 2023 08:15:38 GMT server nginx etag "24ee3-60baab9187e80" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 151267
GET H2	200	post-3.jpg ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/	184 KB 184 KB	137ms 137ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/uploads/2023/12/post-3.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `46894e96bded5372b5b8e1ab778bd0ca81a1ff72c59f2c5ff7a5f45f0a2bcb9a` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 04 Dec 2023 08:15:36 GMT server nginx etag "2e012-60baab8f9fa00" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 188434
GET H2	200	functions.min.js Show response ba03ea20a1.nxcli.io/wp-content/themes/sydney/js/	10 KB 3 KB	160ms 158ms	Script application/javascript	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/js/functions.min.js?ver=20230315 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `dae56500f8afde55f88193f1bbfb33cb389a6faea0ce026071fa426cf645ffdf` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 13:34:52 GMT server nginx etag W/"284d-60bc34ca86e19" vary Accept-Encoding x-cache-nxaccel MISS content-type application/javascript
GET H2	200	swiper.js Show response ba03ea20a1.nxcli.io/wp-content/themes/sydney/js/	146 KB 38 KB	131ms 130ms	Script application/javascript	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/js/swiper.js?ver=34.7.1 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `0009fcb5734dbe41aca4edb2ef23a820447bbb9f8265ab833bf44a9bb915fea6` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Wed, 06 Dec 2023 15:08:21 GMT server nginx etag W/"246a1-60bd8b8c4a340" vary Accept-Encoding x-cache-nxaccel MISS content-type application/javascript
GET H2	200	frontend.js Show response ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/src/js/	14 KB 3 KB	132ms 130ms	Script application/javascript	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/src/js/frontend.js?ver=2.2.2 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `3ae65f1d1d62b79d05e0929141e60734b4284bcd55d730f523118f479237e9de` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 13:39:33 GMT server nginx etag W/"39af-60bc35d5f6c55" vary Accept-Encoding x-cache-nxaccel MISS content-type application/javascript
GET H2	200	view.js Show response ba03ea20a1.nxcli.io/wp-content/plugins/advanced-tabs-block/build/blocks/tabs/	2 KB 560 B	158ms 157ms	Script application/javascript	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/plugins/advanced-tabs-block/build/blocks/tabs/view.js?ver=ad83d53f08eab097fd4b Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `eb5769019c1fca8f5b0dae6a6af3f7ad19adf5bdca7f9b492c88e74683b9eaa3` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT content-encoding br last-modified Tue, 05 Dec 2023 13:38:27 GMT server nginx etag W/"84b-60bc359794de3" vary Accept-Encoding x-cache-nxaccel MISS content-type application/javascript
GET DATA	200 OK	truncated /	325 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `ee9c9fc12d59edb1e5329ac66ea2be4c62912d13453a919f4696522c9426712c` Request headers accept-language en-US,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers Content-Type image/png
GET H2	200	box-1.jpg ba03ea20a1.nxcli.io/wp-content/themes/sydney/images/	70 KB 70 KB	150ms 149ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/images/box-1.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/styles.min.css?ver=?php%20echo%20time();%20? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `28c44a3ec42e7178e30fd5d3e3ac6ccbb2077498f809f3ae7a109ce9495bda04` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/styles.min.css?ver=?php%20echo%20time();%20? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Tue, 05 Dec 2023 13:34:52 GMT server nginx etag "116a2-60bc34ca80c71" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 71330
GET H2	200	box-2.jpg ba03ea20a1.nxcli.io/wp-content/themes/sydney/images/	130 KB 130 KB	150ms 149ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/images/box-2.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/styles.min.css?ver=?php%20echo%20time();%20? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `c82cc3ce9b6bb267517625ad5db49e7187aa0ddb830e6f10f2aa1dec5e5f7b61` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/styles.min.css?ver=?php%20echo%20time();%20? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Tue, 05 Dec 2023 13:34:52 GMT server nginx etag "20642-60bc34ca81441" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 132674
GET H2	200	box-3.jpg ba03ea20a1.nxcli.io/wp-content/themes/sydney/images/	97 KB 97 KB	149ms 149ms	Image image/jpeg	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/images/box-3.jpg Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/styles.min.css?ver=?php%20echo%20time();%20? Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `48ddbc4a647793ed211b649bb1ee7d20cb739a7c71c00e900713e9b5869d60ee` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/wp-content/themes/sydney/css/styles.min.css?ver=?php%20echo%20time();%20? User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Tue, 05 Dec 2023 13:34:52 GMT server nginx etag "182a2-60bc34ca81c11" x-cache-nxaccel MISS content-type image/jpeg accept-ranges bytes content-length 98978
GET H2	200	S6uyw4BMUTPHjx4wXg.woff2 ba03ea20a1.nxcli.io/wp-content/fonts/lato/	23 KB 23 KB	148ms 148ms	Font application/octet-stream	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/fonts/lato/S6uyw4BMUTPHjx4wXg.woff2 Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/wp-content/fonts/224b59cfdccd983f3d58ed0bc5ec74d0.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537` Request headers Referer https://ba03ea20a1.nxcli.io/wp-content/fonts/224b59cfdccd983f3d58ed0bc5ec74d0.css Origin https://ba03ea20a1.nxcli.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 04 Dec 2023 17:52:14 GMT server nginx accept-ranges bytes etag "5c1c-60bb2c72d8f80" content-length 23580 x-cache-nxaccel MISS
GET H2	200	icomoon.ttf ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/framework/src/fonts/	197 KB 197 KB	148ms 148ms	Font application/font-sfnt	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Full URL https://ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/framework/src/fonts/icomoon.ttf Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/framework/src/css/icomoon.css?ver=2.2.2 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `fcd85b2e80374048264216e4580c4255637947b34b58176d9061aea4a0d4e10c` Request headers Referer https://ba03ea20a1.nxcli.io/wp-content/plugins/mega_main_menu/framework/src/css/icomoon.css?ver=2.2.2 Origin https://ba03ea20a1.nxcli.io accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Tue, 05 Dec 2023 13:39:33 GMT server nginx etag "312d9-60bc35d5f7fdd" x-cache-nxaccel MISS content-type application/font-sfnt accept-ranges bytes content-length 201433
GET H2	200	footer-logo-1024x427.png ba03ea20a1.nxcli.io/wp-content/uploads/2023/11/	87 KB 87 KB	161ms 161ms	Image image/png	8.29.157.83 NEXCESS-NET
General Check archive.org Show headers Download Go to Show image Full URL https://ba03ea20a1.nxcli.io/wp-content/uploads/2023/11/footer-logo-1024x427.png Requested by Host: ba03ea20a1.nxcli.io URL: https://ba03ea20a1.nxcli.io/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 8.29.157.83 , United States, ASN36444 (NEXCESS-NET, US), Reverse DNS cloudhost-1105217.us-midwest-1.nxcli.net Software nginx / Resource Hash `a224a1f3cdbc4a5797b47222ca56448a9f7565bf3b42c12821f6fa0361d3641c` Request headers accept-language en-US,en;q=0.9 Referer https://ba03ea20a1.nxcli.io/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.62 Safari/537.36 Response headers date Thu, 07 Dec 2023 11:53:04 GMT last-modified Mon, 27 Nov 2023 13:14:18 GMT server nginx etag "15b08-60b2214525e80" x-cache-nxaccel MISS content-type image/png accept-ranges bytes content-length 88840

Verdicts & Comments Add Verdict or Comment

15 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture undefined| $ function| jQuery function| sydneyDomReady object| sydney function| Swiper object| swiper object| swiper2 function| openCity object| element string| function_selector string| rules_priority number| body_width number| offset_left boolean| click_item_2

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ba03ea20a1.nxcli.io
8.29.157.83
0009fcb5734dbe41aca4edb2ef23a820447bbb9f8265ab833bf44a9bb915fea6
062719b100219061c8a11fff201d9a98f3794ab45bddf1c1f2d16c9ea440c279
0dcb8b83e1a230f0addadd2436b3a42e8e342da492ff4b2769206d07a0fd9e7a
1a91a493c14ae78bbfda7946b9acf4a8251b0163b711a46768cbfa81fc6380b6
1c7629ae8bc95bc95e499fb339dc811e20a109591c92b4056f56031ec7b3b5a4
2606213e6e0d58f6dff4797f473176675686d911f64906c8f10e0c956870f873
28c44a3ec42e7178e30fd5d3e3ac6ccbb2077498f809f3ae7a109ce9495bda04
3ae65f1d1d62b79d05e0929141e60734b4284bcd55d730f523118f479237e9de
43eed7cc25853e1b02ce4f08a1a67a6786ef0d85cc839ac3a698edb180d2c469
46894e96bded5372b5b8e1ab778bd0ca81a1ff72c59f2c5ff7a5f45f0a2bcb9a
48ddbc4a647793ed211b649bb1ee7d20cb739a7c71c00e900713e9b5869d60ee
4ce93217a59d2d1ddd318e6a40e0cbe35dc21ac7df0b6221318a1db21c40699f
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
5907d35a476f671b8f2ed351c666fab0d772210c1889dedd0fdd2f1fb4e7e39c
5c344a7d52a928b9fbdfee471259c072f1aa396c909b077f40a31ce261964938
698b89c0da3d319754d6a837b5e6d4e6a42dc402d9ffd7559b8c4cb29c644340
8f3624b7a0ea1366cceab4cc0640e5eccdc1f010db4262a99216e14a9afb8fca
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9348b83c00295f19e02fa427cbf2f42fd6109d8bd1f74c0ee4523125b0c1c59c
a224a1f3cdbc4a5797b47222ca56448a9f7565bf3b42c12821f6fa0361d3641c
b8e19349226fb36a8cd009fae15d17dc585ca1424b450e0566d91bb5c4338135
c82cc3ce9b6bb267517625ad5db49e7187aa0ddb830e6f10f2aa1dec5e5f7b61
c94a0dc6cbd7f95a3c4eb8f7959fd8e5905ff0794116c07a5f09bbac7ef9ffd1
cb6f2d32c49d1c2b25e9ffc9aaafa3f83075346c01bcd4ae6eb187392a4292cf
cbde5e63264b446818cbe9fd114588f73db7cbb2db3aa86295b0e3646a0146cf
d0998390edf01c966f4db126dd12fae2316a673c9297ba4579ec1b43962f3e0c
dae56500f8afde55f88193f1bbfb33cb389a6faea0ce026071fa426cf645ffdf
df019c272c973fca7ee86c4136356c0ae6c92399b446342bcfa72664b8026521
eb5769019c1fca8f5b0dae6a6af3f7ad19adf5bdca7f9b492c88e74683b9eaa3
ee9c9fc12d59edb1e5329ac66ea2be4c62912d13453a919f4696522c9426712c
fcd85b2e80374048264216e4580c4255637947b34b58176d9061aea4a0d4e10c