urlscan.io logo urlscan.io
SecurityTrails logo

qa.mrc-hammer.com Open in urlscan Pro
50.18.89.20  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://qa.sso.mrc-cet.com/
Effective URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_u...
Submission: On February 10 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 30 HTTP transactions. The main IP is 50.18.89.20, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is qa.mrc-hammer.com.
TLS certificate: Issued by Amazon RSA 2048 M01 on February 10th 2023. Valid for: 5 months.
This is the only time qa.mrc-hammer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 52.9.241.247 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:e2:... 13335 (CLOUDFLAR...)
1 8 50.18.89.20 16509 (AMAZON-02)
5 2606:4700::68... 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
30 7
11    52.9.241.247 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-9-241-247.us-west-1.compute.amazonaws.com
qa.sso.mrc-cet.com
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
8    50.18.89.20 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-50-18-89-20.us-west-1.compute.amazonaws.com
qa.mrc-hammer.com
5    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
11 mrc-cet.com
qa.sso.mrc-cet.com
2 MB
8 mrc-hammer.com
qa.mrc-hammer.com
330 KB
5 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 196
88 KB
4 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
2 KB
1 gstatic.com
fonts.gstatic.com
38 KB
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 746
20 KB
1 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 851
11 KB
30 7
Domain Requested by
11 qa.sso.mrc-cet.com qa.sso.mrc-cet.com
8 qa.mrc-hammer.com 1 redirects qa.sso.mrc-cet.com
qa.mrc-hammer.com
5 cdnjs.cloudflare.com qa.mrc-hammer.com
4 fonts.googleapis.com qa.sso.mrc-cet.com
qa.mrc-hammer.com
1 fonts.gstatic.com fonts.googleapis.com
1 maxcdn.bootstrapcdn.com qa.mrc-hammer.com
1 use.fontawesome.com qa.sso.mrc-cet.com
30 7

This site contains no links.

Subject Issuer Validity Valid
qa.sso.mrc-cet.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-07-26		 5 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-06 -
2023-06-05		 a year crt.sh
qa.mrc-hammer.com
Amazon RSA 2048 M01		 2023-02-10 -
2023-07-25		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Frame ID: 6EDCB94F9D873925BCBADB36F1D9D95D
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Login - The Hammer Solutions

Page URL History Show full URLs

  1. https://qa.sso.mrc-cet.com/ Page URL
  2. https://qa.mrc-hammer.com/connect/authorize?client_id=angular_cet&redirect_uri=https%3A%2F%2Fqa.sso.mr... HTTP 302
    https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangu... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href="[^"]*material(?:\.[\w]+-[\w]+)?(?:\.min)?\.css
  • (?:/([\d.]+))?/material(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

30
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

7
IPs

2
Countries

2441 kB
Transfer

7040 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://qa.sso.mrc-cet.com/ Page URL
  2. https://qa.mrc-hammer.com/connect/authorize?client_id=angular_cet&redirect_uri=https%3A%2F%2Fqa.sso.mrc-cet.com%2Fauth-callback&response_type=id_token%20token&scope=openid%20profile%20email%20api.read%20IdentityServerApi&state=576bfacca1c8495290d0d4f2df22654d&nonce=8cfd3043b57d4d75b81b04354d8d8308 HTTP 302
    https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

30 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
qa.sso.mrc-cet.com/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
dceb277397b65246e0732e71b2c0d9141fee56115377e5017b8582868bdbb97f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1280
content-type
text/html
date
Fri, 10 Feb 2023 16:28:31 GMT
etag
"0dd4993826d91:0"
last-modified
Thu, 12 Jan 2023 03:43:30 GMT
server
Microsoft-IIS/10.0
vary
Accept-Encoding
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Overpass:300i,400,600,700
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c733cca1c4445e981c653ad8057319885c69b1894b08b9d27ade57a5c4d3b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Feb 2023 16:28:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 16:28:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Feb 2023 16:28:31 GMT
styles.8de1b993b01168b0849d.css
qa.sso.mrc-cet.com/ 		367 KB
84 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/styles.8de1b993b01168b0849d.css
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
00acbb40ed0ecc14e200415e0377078e3b5be89f7351e2346e5d56a2d1604360

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:32 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 03:42:04 GMT
server
Microsoft-IIS/10.0
etag
"04e7d63726d91:0"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
hammer-logo.svg
qa.sso.mrc-cet.com/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qa.sso.mrc-cet.com/assets/img/hammer-logo.svg
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
12af03bbb0cf1315ff9c86cd14d5d3bbce2b92dda4640858633d2d4de24625a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:32 GMT
last-modified
Mon, 21 Jun 2021 14:24:34 GMT
server
Microsoft-IIS/10.0
accept-ranges
bytes
etag
"0fd2828a966d71:0"
content-length
1870
content-type
image/svg+xml
runtime-es2015.ece4f2e58573bfc55ec5.js
qa.sso.mrc-cet.com/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/runtime-es2015.ece4f2e58573bfc55ec5.js
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
197823b81f13745c20720890a1a6468f4d820daa65e8cd552c8f634fc9ef9077

Request headers

Referer
https://qa.sso.mrc-cet.com/
Origin
https://qa.sso.mrc-cet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:32 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 03:42:08 GMT
server
Microsoft-IIS/10.0
etag
"0a869d83726d91:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
2124
polyfills-es2015.472b3264e85b1dd63d97.js
qa.sso.mrc-cet.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/polyfills-es2015.472b3264e85b1dd63d97.js
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
7fdfd4c1e4a4c3233ee14b1a96b42e968116f21b5efc7ebc45bed4d31a284435

Request headers

Referer
https://qa.sso.mrc-cet.com/
Origin
https://qa.sso.mrc-cet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:32 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 12:04:26 GMT
server
Microsoft-IIS/10.0
etag
"01e09e2e4fd81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
21601
scripts.606f2b102d2562e80d31.js
qa.sso.mrc-cet.com/ 		539 KB
192 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/scripts.606f2b102d2562e80d31.js
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
37ae7d94f310c41d56d115958985b38be7584ced288e866088e8244c719d50a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:32 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 03:42:04 GMT
server
Microsoft-IIS/10.0
etag
"04e7d63726d91:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
main-es2015.4d120da1c42cd3d26d0a.js
qa.sso.mrc-cet.com/ 		4 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/main-es2015.4d120da1c42cd3d26d0a.js
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
37a54c6b14d8546b88edd1312f820cafc088c76820b57be8d480db7277dab72e

Request headers

Referer
https://qa.sso.mrc-cet.com/
Origin
https://qa.sso.mrc-cet.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:32 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 03:43:30 GMT
server
Microsoft-IIS/10.0
etag
"0dd4993826d91:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
all.css
use.fontawesome.com/releases/v5.2.0/css/ 		46 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.2.0/css/all.css
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/styles.8de1b993b01168b0849d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:32 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
796W6YYB2XVD809S
age
817966
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
9BtVTzdIBQ+t8/ix9Bt+2AhyGLRio5C/XkMQkf0MdRneFGzNjkrkM+SZLQS2/XPlIOtewwOXZyY=
last-modified
Wed, 30 Jun 2021 15:41:36 GMT
server
cloudflare
etag
W/"20a9ce516eaea76da29a23adc43e8998"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U14qanXBKHpFf3P2dPBj1oeBhiUgg6S0udNALwFE3iD0R2FJTKBltVQROe5qFgJ4MheWibuB5bYo6wP8bGW3tuezUXUnSU8n%2BNFgwPtt%2B%2FgnET%2BdCPecFYGFzmSq%2BIdjkFnPbgwZKYV2u0Uo0bCpYUY%2F"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
797637f1be5436dc-FRA
icon
fonts.googleapis.com/ 		569 B
463 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/styles.8de1b993b01168b0849d.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Feb 2023 16:28:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 16:28:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Feb 2023 16:28:32 GMT
3-es2015.76142681c0356d7b1ef0.js
qa.sso.mrc-cet.com/ 		225 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/3-es2015.76142681c0356d7b1ef0.js
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/runtime-es2015.ece4f2e58573bfc55ec5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
81fce60040d7b2a8037cb80975991c11f62c327ca1b6f2263b7556b7638135ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:33 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 03:42:28 GMT
server
Microsoft-IIS/10.0
etag
"06a55e43726d91:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
4-es2015.854d5b4c44555504bd5c.js
qa.sso.mrc-cet.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/4-es2015.854d5b4c44555504bd5c.js
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/runtime-es2015.ece4f2e58573bfc55ec5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
20c8fd134ad83a73889219e6f672ad8488a38ae3aff68fa62beb7d9e9f75bb6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:33 GMT
content-encoding
gzip
last-modified
Tue, 11 Oct 2022 11:52:30 GMT
server
Microsoft-IIS/10.0
etag
"0d3dff067ddd81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4899
common-es2015.1f7fda67fdb243a1b10b.js
qa.sso.mrc-cet.com/ 		842 B
635 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/common-es2015.1f7fda67fdb243a1b10b.js
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/runtime-es2015.ece4f2e58573bfc55ec5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
d68ecd686270fe917328b6a09d44b54e7424cfac7c27901bfdcefbf2b190da65

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:33 GMT
content-encoding
gzip
last-modified
Wed, 13 Apr 2022 12:04:26 GMT
server
Microsoft-IIS/10.0
etag
"01e09e2e4fd81:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
435
12-es2015.2af00b6d64f6765213cb.js
qa.sso.mrc-cet.com/ 		908 KB
230 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.sso.mrc-cet.com/12-es2015.2af00b6d64f6765213cb.js
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/runtime-es2015.ece4f2e58573bfc55ec5.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.9.241.247 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-9-241-247.us-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
8c3cb1912fcf5fad01970d05813ab2630d310134ffce124a15ba3d490c7e9bdf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:33 GMT
content-encoding
gzip
last-modified
Thu, 12 Jan 2023 03:42:42 GMT
server
Microsoft-IIS/10.0
etag
"0a5adec3726d91:0"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
openid-configuration
qa.mrc-hammer.com/.well-known/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qa.mrc-hammer.com/.well-known/openid-configuration
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/polyfills-es2015.472b3264e85b1dd63d97.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.18.89.20 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-18-89-20.us-west-1.compute.amazonaws.com
Software
Kestrel / ASP.NET
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.sso.mrc-cet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Feb 2023 16:28:34 GMT
server
Kestrel
x-powered-by
ASP.NET
content-type
application/json; charset=UTF-8
Primary Request Login
qa.mrc-hammer.com/Account/
Redirect Chain
  • https://qa.mrc-hammer.com/connect/authorize?client_id=angular_cet&redirect_uri=https%3A%2F%2Fqa.sso.mrc-cet.com%2Fauth-callback&response_type=id_token%20token&scope=openid%20profile%20email%20api.r...
  • https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_ty...
6 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Requested by
Host: qa.sso.mrc-cet.com
URL: https://qa.sso.mrc-cet.com/main-es2015.4d120da1c42cd3d26d0a.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.18.89.20 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-18-89-20.us-west-1.compute.amazonaws.com
Software
Kestrel / ASP.NET
Resource Hash
44685fee0685b7ecec6eb83edf216c1fb50e35becd145fbc2f043d44086cebf1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' https://qa.mrc-hammer.com https://qa.sso.mrc-drilldown.com https://qa.sso.mrc-cet.com
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://qa.sso.mrc-cet.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-security-policy
frame-ancestors 'self' https://qa.mrc-hammer.com https://qa.sso.mrc-drilldown.com https://qa.sso.mrc-cet.com
content-type
text/html; charset=utf-8
date
Fri, 10 Feb 2023 16:28:35 GMT
pragma
no-cache
server
Kestrel
x-frame-options
SAMEORIGIN
x-powered-by
ASP.NET

Redirect headers

content-length
0
date
Fri, 10 Feb 2023 16:28:34 GMT
location
https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
server
Kestrel
x-powered-by
ASP.NET
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/ 		138 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/bootstrap.min.css
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://qa.mrc-hammer.com/
Origin
https://qa.mrc-hammer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
825030
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15800
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-22688"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZyMjEFIf1z03s1clfzMOGPtz2nm0lYOW9ban0tc3LR%2F9oQMXP3xn5bcyxnFvjgY5BTd9qofDfPTz7XYD%2ByjFw%2BLHfeS2pKRLH8706jjSbxgsFv7DFS8vpHaV5gJhK%2FqimVqsM2AfZqmNIDsJKqVncXtK"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
797638000c903a62-FRA
expires
Wed, 31 Jan 2024 16:28:35 GMT
site.css
qa.mrc-hammer.com/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://qa.mrc-hammer.com/css/site.css
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.18.89.20 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-18-89-20.us-west-1.compute.amazonaws.com
Software
Kestrel / ASP.NET
Resource Hash
f5ebb4366424da83e5f277a1d391f35d507b231d74781e27d403698027646daa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
content-encoding
br
last-modified
Mon, 21 Jun 2021 13:48:40 GMT
server
Kestrel
etag
"1d766a42446b895"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
bootstrap.min.css
maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
617, 617, 617
age
1413210
cdn-cachedat
2021-06-08 14:35:16
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:03:59 GMT
server
cloudflare
cdn-requestpullcode
200
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
a25b3b26237dd55b5f417f26a9965dbb
timing-allow-origin
*
cdn-requestcountrycode
US
cf-ray
797638000fef9b7c-FRA
cdn-requestpullsuccess
True
css
fonts.googleapis.com/ 		6 KB
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Overpass:300i,400,600,700
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c733cca1c4445e981c653ad8057319885c69b1894b08b9d27ade57a5c4d3b19
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Feb 2023 16:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 16:28:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Feb 2023 16:28:35 GMT
icon
fonts.googleapis.com/ 		569 B
367 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Feb 2023 16:28:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Feb 2023 16:28:35 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Feb 2023 16:28:35 GMT
material.blue-indigo.min.css
cdnjs.cloudflare.com/ajax/libs/material-design-lite/1.3.0/ 		138 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-lite/1.3.0/material.blue-indigo.min.css
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d56792e4c1e21903b2a68b9a135ec28702da28697bb234115b16912dc689bf81
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16307
last-modified
Mon, 04 May 2020 16:12:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03efd-2282c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Dm%2FG%2Bgolx2Awc7kfV6Lro4EPVP8GhBo3AZ5NbITI3bSCFx6uMJNPPQVvg4NUltHeQPNTJqremgs0H1zbLAiSTyI%2Bjbziu0wzRnMF4Mnds4B9TBQDFDfOPtMJ2xk9vGlRu82cyIMWAVyEIeLFreKzs14m"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
797638000b5a2d04-FRA
expires
Wed, 31 Jan 2024 16:28:35 GMT
material.min.js
cdnjs.cloudflare.com/ajax/libs/material-design-lite/1.3.0/ 		61 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/material-design-lite/1.3.0/material.min.js
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c27eee3e7e742ba78c0d9956e337579a5f82db3af39e8da6f450e8632decebc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3241584
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
10110
last-modified
Mon, 04 May 2020 16:12:45 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03efd-f41b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdNffZWqfdZTx%2BgmrbnbofQW9j53Z8gcU7ZbVdUI3u6yGj1hfamWZ11MM%2F7EX4HUhtyXhxC5YVg2DGK0RaU7wMiiMSkdrFfw%2BaZoCgFnalGVQS9gzkao87Mlv1KgcDCHPbiz5rcemMvcJXExo%2Brw7mr2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
797638005bc22d04-FRA
expires
Wed, 31 Jan 2024 16:28:35 GMT
hammer-logo.svg
qa.mrc-hammer.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qa.mrc-hammer.com/images/hammer-logo.svg
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.18.89.20 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-18-89-20.us-west-1.compute.amazonaws.com
Software
Kestrel / ASP.NET
Resource Hash
12af03bbb0cf1315ff9c86cd14d5d3bbce2b92dda4640858633d2d4de24625a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
last-modified
Mon, 21 Jun 2021 13:45:30 GMT
server
Kestrel
etag
"1d766a3b306fe4e"
x-powered-by
ASP.NET
content-type
image/svg+xml
accept-ranges
bytes
content-length
1870
poweredby.jpg
qa.mrc-hammer.com/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qa.mrc-hammer.com/images/poweredby.jpg
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.18.89.20 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-18-89-20.us-west-1.compute.amazonaws.com
Software
Kestrel / ASP.NET
Resource Hash
f91fff7e2f299fdb9b67f801957398505f12e610ee302ff32c436400ae9c25d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
last-modified
Mon, 21 Jun 2021 13:45:30 GMT
server
Kestrel
etag
"1d766a3b306f13d"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
2109
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/ 		85 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://qa.mrc-hammer.com/
Origin
https://qa.mrc-hammer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
615550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27433
last-modified
Mon, 04 May 2020 16:11:48 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ec4-1538f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2FDcG1rjiArHbw3tQYbpN7ZqARkmjmAmk58aJMRyMzn4ob%2BIdzciP257rtIc3ACFwWvweNaCkuhTVhtak02879tBWZwWvop2D6ndCFTokNCwdRKA1%2F1B0nXrfeIcCLAVcnz7j%2BWETxwpR5OxhU5h2Jdu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
797638005ce63a62-FRA
expires
Wed, 31 Jan 2024 16:28:35 GMT
bootstrap.bundle.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/ 		69 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/js/bootstrap.bundle.min.js
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://qa.mrc-hammer.com/
Origin
https://qa.mrc-hammer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
824004
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
18056
last-modified
Mon, 04 May 2020 16:17:20 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04010-11536"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P3qFXhSkOzj9T0vlu4zEMQLeIt%2FDvo5H0HBQA%2B51EJiPA98TL6Yfcgcbdxwf0YR%2FDdH9r190ETc40S0r0vXZbVE3zkzUPFPUV3g5%2BMEKOz4k67dFQHLvoBNRDlcnU53RE%2F%2FJcACufsFaoWoRMoOV9M%2B%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
797638005ce73a62-FRA
expires
Wed, 31 Jan 2024 16:28:35 GMT
site.js
qa.mrc-hammer.com/js/ 		230 B
397 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qa.mrc-hammer.com/js/site.js?v=4q1jwFhaPaZgr8WAUSrux6hAuh0XDg9kPS3xIVq36I0
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.18.89.20 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-18-89-20.us-west-1.compute.amazonaws.com
Software
Kestrel / ASP.NET
Resource Hash
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3Dangular_cet%26redirect_uri%3Dhttps%253A%252F%252Fqa.sso.mrc-cet.com%252Fauth-callback%26response_type%3Did_token%2520token%26scope%3Dopenid%2520profile%2520email%2520api.read%2520IdentityServerApi%26state%3D576bfacca1c8495290d0d4f2df22654d%26nonce%3D8cfd3043b57d4d75b81b04354d8d8308
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
content-encoding
br
last-modified
Mon, 21 Jun 2021 13:45:30 GMT
server
Kestrel
etag
"1d766a3b306f9e6"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
login.jpg
qa.mrc-hammer.com/images/ 		315 KB
315 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qa.mrc-hammer.com/images/login.jpg
Requested by
Host: qa.mrc-hammer.com
URL: https://qa.mrc-hammer.com/css/site.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.18.89.20 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-50-18-89-20.us-west-1.compute.amazonaws.com
Software
Kestrel / ASP.NET
Resource Hash
07fee2107eb11b548d66cc4c236220b38617fe55dfd9d43af87a6a5a211cb103

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://qa.mrc-hammer.com/css/site.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:28:35 GMT
last-modified
Mon, 21 Jun 2021 13:45:30 GMT
server
Kestrel
etag
"1d766a3b3021230"
x-powered-by
ASP.NET
content-type
image/jpeg
accept-ranges
bytes
content-length
322352
qFdH35WCmI96Ajtm81GlU9s.woff2
fonts.gstatic.com/s/overpass/v12/ 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/overpass/v12/qFdH35WCmI96Ajtm81GlU9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Overpass:300i,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://qa.mrc-hammer.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 02:06:10 GMT
x-content-type-options
nosniff
age
51745
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38720
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 18:41:11 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 Feb 2024 02:06:10 GMT

Verdicts & Comments Add Verdict or Comment

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| oncontentvisibilityautostatechange function| $ function| jQuery object| bootstrap object| componentHandler function| MaterialButton function| MaterialCheckbox function| MaterialIconToggle function| MaterialMenu function| MaterialProgress function| MaterialRadio function| MaterialSlider function| MaterialSnackbar function| MaterialSpinner function| MaterialSwitch function| MaterialTabs function| MaterialTextfield function| MaterialTooltip function| MaterialLayout function| MaterialLayoutTab function| MaterialDataTable function| MaterialRipple

1 Cookies

Domain/Path Name / Value
qa.mrc-hammer.com/ Name: .AspNetCore.Antiforgery.pUOXNTmQ6pM
Value: CfDJ8KChbg4MTxRDsUrWRLeuMD35JswEocauHOWQRhKLA7WJC-jJpu-sCHxefkPdnzp8ZLLwm1k89YD9GlbjSGMKMFYHNemXeDPPbSKU2Y-r9gDkAnIQkpFxYPB8vfNOT0T6RwhGsS91Kbpqsh6JqXZgYu8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
maxcdn.bootstrapcdn.com
qa.mrc-hammer.com
qa.sso.mrc-cet.com
use.fontawesome.com
2606:4700::6811:190e
2606:4700::6812:bcf
2606:4700:e2::ac40:840f
2a00:1450:4001:810::2003
2a00:1450:4001:830::200a
50.18.89.20
52.9.241.247
00acbb40ed0ecc14e200415e0377078e3b5be89f7351e2346e5d56a2d1604360
07fee2107eb11b548d66cc4c236220b38617fe55dfd9d43af87a6a5a211cb103
0c733cca1c4445e981c653ad8057319885c69b1894b08b9d27ade57a5c4d3b19
12af03bbb0cf1315ff9c86cd14d5d3bbce2b92dda4640858633d2d4de24625a3
13f578716138aaf01e3b930e863b46b6a0f33e77513b52c193c949fcf47b080e
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
197823b81f13745c20720890a1a6468f4d820daa65e8cd552c8f634fc9ef9077
20c8fd134ad83a73889219e6f672ad8488a38ae3aff68fa62beb7d9e9f75bb6b
33f35692fd57e7407f9a7a650fcc5cc12b828824f44f8f2c4d133323d87b3c11
37a54c6b14d8546b88edd1312f820cafc088c76820b57be8d480db7277dab72e
37ae7d94f310c41d56d115958985b38be7584ced288e866088e8244c719d50a7
3c27eee3e7e742ba78c0d9956e337579a5f82db3af39e8da6f450e8632decebc
44685fee0685b7ecec6eb83edf216c1fb50e35becd145fbc2f043d44086cebf1
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
7fdfd4c1e4a4c3233ee14b1a96b42e968116f21b5efc7ebc45bed4d31a284435
81fce60040d7b2a8037cb80975991c11f62c327ca1b6f2263b7556b7638135ff
8891a160f8a2afb81de5259f9f68e5af3782348ea2927ad9e969bc88c7d39984
8c3cb1912fcf5fad01970d05813ab2630d310134ffce124a15ba3d490c7e9bdf
d56792e4c1e21903b2a68b9a135ec28702da28697bb234115b16912dc689bf81
d68ecd686270fe917328b6a09d44b54e7424cfac7c27901bfdcefbf2b190da65
dceb277397b65246e0732e71b2c0d9141fee56115377e5017b8582868bdbb97f
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e505e654ef4708d9c3d0da4c03e57ae1df262e07377938d4f456a71918c8aa3d
f5ebb4366424da83e5f277a1d391f35d507b231d74781e27d403698027646daa
f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
f91fff7e2f299fdb9b67f801957398505f12e610ee302ff32c436400ae9c25d5