urlscan.io logo urlscan.io
SecurityTrails logo

landing.edrnet.com Open in urlscan Pro
192.28.158.50  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://landing.edrnet.com/PARCELTrainingRequest.html
Effective URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Submission Tags: falconsandbox
Submission: On March 17 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 9 domains to perform 19 HTTP transactions. The main IP is 192.28.158.50, located in United States and belongs to OMNITURE, US. The main domain is landing.edrnet.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 3rd 2017. Valid for: 3 years.
This is the only time landing.edrnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    192.28.158.50 (United States)

ASN15224 (OMNITURE, US)
landing.edrnet.com
1    2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    192.28.146.36 (United States)

ASN15224 (OMNITURE, US)
b2c-mlm.marketo.com
b2c-msm.marketo.com
2    104.109.95.62 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-109-95-62.deploy.static.akamaitechnologies.com
munchkin.marketo.net
2    13.32.23.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-23-7.fra56.r.cloudfront.net
d2yeu2mwujl2s5.cloudfront.net
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c09::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
10 landing.edrnet.com 1 redirects landing.edrnet.com
2 b2c-msm.marketo.com d2yeu2mwujl2s5.cloudfront.net
2 ssl.google-analytics.com 1 redirects landing.edrnet.com
2 d2yeu2mwujl2s5.cloudfront.net b2c-mlm.marketo.com
2 munchkin.marketo.net landing.edrnet.com
munchkin.marketo.net
1 www.google.de landing.edrnet.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 b2c-mlm.marketo.com landing.edrnet.com
1 ajax.googleapis.com landing.edrnet.com
19 10

This site contains links to these domains. Also see Links.

Domain
www.edrnet.com
Subject Issuer Validity Valid
landing.edrnet.com
Go Daddy Secure Certificate Authority - G2		 2017-11-03 -
2020-11-03		 3 years crt.sh
upload.video.google.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
*.marketo.com
DigiCert SHA2 Secure Server CA		 2019-12-09 -
2021-12-13		 2 years crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2020-03-14 -
2021-04-13		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh
www.google.de
GTS CA 1O1		 2021-02-23 -
2021-05-18		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://landing.edrnet.com/PARCELTrainingRequest.html
Frame ID: 8F8D84340CDAB86BAC0567E62520DF58
Requests: 18 HTTP requests in this frame

Frame: https://b2c-msm.marketo.com/xd/3.33-185/xd_host.html
Frame ID: FEA3B3256E33501C60261760494339B1
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://landing.edrnet.com/PARCELTrainingRequest.html HTTP 301
    https://landing.edrnet.com/PARCELTrainingRequest.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

19
Requests

53 %
HTTPS

60 %
IPv6

9
Domains

10
Subdomains

7
IPs

3
Countries

395 kB
Transfer

740 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://landing.edrnet.com/PARCELTrainingRequest.html HTTP 301
    https://landing.edrnet.com/PARCELTrainingRequest.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=815403962&utmhn=landing.edrnet.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1679122745&utmr=-&utmp=%2FPARCELTrainingRequest.html&utmht=1615982592173&utmac=UA-2418603-1&utmcc=__utma%3D123582687.1717752522.1615982592.1615982592.1615982592.1%3B%2B__utmz%3D123582687.1615982592.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=160710163&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2418603-1&cid=1717752522.1615982592&jid=160710163&_v=5.7.2&z=815403962 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=1717752522.1615982592&jid=160710163&_v=5.7.2&z=815403962 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=1717752522.1615982592&jid=160710163&_v=5.7.2&z=815403962&slf_rd=1&random=2400717857

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set PARCELTrainingRequest.html
landing.edrnet.com/
Redirect Chain
  • http://landing.edrnet.com/PARCELTrainingRequest.html
  • https://landing.edrnet.com/PARCELTrainingRequest.html
16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.158.50 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
a7197f611a26ab2680f1f2750908aff648e706bc38d40c294ed319d7a39277b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
landing.edrnet.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BIGipServersj01web-app_http=185073674.20480.0000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 12:03:07 GMT
Content-Type
text/html; charset=utf-8
Content-Length
4916
Connection
keep-alive
Cache-Control
stale-while-revalidate=60, max-age=300, public
Etag
9
P3p
CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
Vary
*,Accept-Encoding
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Cache-Status
MISS
X-MKTO-Nginx-Cache
true
Set-Cookie
BIGipServersj01web-nginx-app_https=185073674.47617.0000; path=/; Httponly; Secure

Redirect headers

Server
nginx
Date
Wed, 17 Mar 2021 12:03:06 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
215
Connection
keep-alive
Location
https://landing.edrnet.com/PARCELTrainingRequest.html
Vary
Accept-Encoding
Content-Encoding
gzip
X-Cache-Status
MISS
X-MKTO-Nginx-Cache
true
Set-Cookie
BIGipServersj01web-app_http=185073674.20480.0000; path=/; Httponly
mktLPSupport.css
landing.edrnet.com/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landing.edrnet.com/css/mktLPSupport.css
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.158.50 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
7d7772e84897894be55c2fc38b6040a24bc96ac28f5c9e15c1349a3c6c5a4972
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:08 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 06 Jan 2021 21:16:45 GMT
Server
nginx
ETag
"49424c-99b-5b841d71de940"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
888
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://landing.edrnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 17 Mar 2021 02:53:49 GMT
x-content-type-options
nosniff
age
32959
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
93868
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 17 Mar 2022 02:53:49 GMT
loader.php.js
b2c-mlm.marketo.com/jsloader/fdd62bc2-5b16-4175-a70b-493ce3f6c33f/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2c-mlm.marketo.com/jsloader/fdd62bc2-5b16-4175-a70b-493ce3f6c33f/loader.php.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.146.36 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
8b9f53581aa2fe849cb0528c8d0d7b5e0f96a16d5b40d598b7768f1f4a5a3ae1

Request headers

Referer
https://landing.edrnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:10 GMT
Cache-Control
public, max-age=0
Server
nginx
Connection
close
ETag
AALAtxsGzvkGxzzwsWos1Cfmm9I=
Content-Length
46691
Content-Type
text/javascript;charset=UTF-8
logo.png
landing.edrnet.com/rs/environmentaldataresources/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/logo.png
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.158.50 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
6b0a1ba778a42a0856bd9efcf26bf4554f664a3d418673987ccd48978a5ebd78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:10 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Feb 2021 21:52:58 GMT
Server
nginx
ETag
"4b45e9-14d9-5ba4d6086b1c4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5337
mktFormSupport.js
landing.edrnet.com/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landing.edrnet.com/js/mktFormSupport.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.158.50 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
596905554c4964300a6605f3c148b4e9151bfe86427002068a9f52babbeb3325
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 06 Jan 2021 21:16:41 GMT
Server
nginx
ETag
"496c95-657a-5b841d6e0e040"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8080
munchkin.js
munchkin.marketo.net// 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net//munchkin.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.95.62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-95-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55

Request headers

Referer
https://landing.edrnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 05 Aug 2020 03:11:00 GMT
Server
AkamaiNetStorage
ETag
"a67ed8ce0a86706b9f73a86806ce5bd3:1596597060.25158"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
752
stripmkttok.js
landing.edrnet.com/js/ 		2 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://landing.edrnet.com/js/stripmkttok.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.158.50 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:10 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 06 Jan 2021 21:16:41 GMT
Server
nginx
ETag
"496ca5-602-5b841d6e0e040"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
678
CF_insight.min.js
d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/ 		265 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js
Requested by
Host: b2c-mlm.marketo.com
URL: https://b2c-mlm.marketo.com/jsloader/fdd62bc2-5b16-4175-a70b-493ce3f6c33f/loader.php.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-7.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
6640e3f4d1093e409214e4dd8dda8615a3dfb1c680871932016b9ad0afdf449a

Request headers

Referer
https://landing.edrnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Thu, 11 Feb 2021 11:10:49 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 06 Jan 2021 06:57:46 GMT
Server
nginx
Age
2940742
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 f891d17fa862cc74a05434e03fa58dcb.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
_kEiP0addrv1ytp4c7JFhJjE6jKj8FhveOfdbQeoN8rmXX5bTjdEuQ==
Expires
Fri, 11 Feb 2022 11:10:49 GMT
widgets.css
d2yeu2mwujl2s5.cloudfront.net/3.33-185/styles/ 		61 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/styles/widgets.css
Requested by
Host: b2c-mlm.marketo.com
URL: https://b2c-mlm.marketo.com/jsloader/fdd62bc2-5b16-4175-a70b-493ce3f6c33f/loader.php.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.23.7 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-23-7.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
ef7505dd071517e866a13b73aee39020a0a0862fb1957aab1e6c2b2b3e940bb1

Request headers

Referer
https://landing.edrnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 08 Feb 2021 18:16:33 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 06 Jan 2021 06:57:40 GMT
Server
nginx
Age
3174398
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 34435958fa6d40b77fd22fa1c1f56176.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA56-C2
X-Amz-Cf-Id
GoDFMdCOSb2120ULQL7gBr56d6nstHobG07t5KmjTa5a2O5XdbtkQA==
Expires
Tue, 08 Feb 2022 18:16:33 GMT
bg.jpg
landing.edrnet.com/rs/environmentaldataresources/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/bg.jpg
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.158.50 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
ff7c3cf91ea44cdb223aa1fd656b4b807e750f10488ea9001efbfbef16a9ad9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 03 Feb 2021 01:22:53 GMT
Server
nginx
ETag
"4b5156-586c-5ba646d17e88c"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22636
star.png
landing.edrnet.com/rs/environmentaldataresources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/star.png
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.158.50 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
4334a628e3dabbebf5f6bce11dd2c60dcc668308bb537d11f844feaca6ed89f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 01 Feb 2021 21:53:04 GMT
Server
nginx
ETag
"4b45ec-484-5ba4d60eb05b4"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1156
munchkin.js
munchkin.marketo.net/159/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/159/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.95.62 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-109-95-62.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc

Request headers

Referer
https://landing.edrnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:10 GMT
Content-Encoding
gzip
Last-Modified
Fri, 08 May 2020 02:24:14 GMT
Server
AkamaiNetStorage
ETag
"79274ffc293e4f76fc372b953f780d16:1588904654.430334"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4810
Expires
Fri, 25 Jun 2021 12:03:10 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 05 Feb 2021 21:33:27 GMT
server
Golfe2
age
1300
date
Wed, 17 Mar 2021 11:41:30 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Wed, 17 Mar 2021 13:41:30 GMT
footer_background.jpg
landing.edrnet.com/rs/environmentaldataresources/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/footer_background.jpg
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.158.50 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
b4e328ce00a1af148445fd3ec2c54223629b00f58b6a813e98f898b1e9abeec8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 03 Feb 2021 01:22:53 GMT
Server
nginx
ETag
"4b5155-561c-5ba646d158342"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22044
button-submit05.gif
landing.edrnet.com/rs/environmentaldataresources/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/button-submit05.gif
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.158.50 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
2dfbb777a4b123d809fe56255348bd1da9783d6c5ac9343ccb196932fc15dcb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:11 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 03 Feb 2021 01:22:53 GMT
Server
nginx
ETag
"4b5157-1170-5ba646d18a40d"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4464
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=815403962&utmhn=landing.edrnet.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2418603-1&cid=1717752522.1615982592&jid=160710163&_v=5.7.2&z=815403962
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=1717752522.1615982592&jid=160710163&_v=5.7.2&z=815403962
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=1717752522.1615982592&jid=160710163&_v=5.7.2&z=815403962&slf_rd=1&random=2400717857
42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=1717752522.1615982592&jid=160710163&_v=5.7.2&z=815403962&slf_rd=1&random=2400717857
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://landing.edrnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 17 Mar 2021 12:03:14 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 17 Mar 2021 12:03:14 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=1717752522.1615982592&jid=160710163&_v=5.7.2&z=815403962&slf_rd=1&random=2400717857
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xd_host.html
b2c-msm.marketo.com/xd/3.33-185/ Frame FEA3 		120 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c-msm.marketo.com/xd/3.33-185/xd_host.html
Requested by
Host: d2yeu2mwujl2s5.cloudfront.net
URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.146.36 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
ce71bfe35530d6f20e8d840fe51c400043632f684a779b79df5687166e608292

Request headers

Host
b2c-msm.marketo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://landing.edrnet.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://landing.edrnet.com/

Response headers

Server
nginx
Date
Wed, 17 Mar 2021 12:03:15 GMT
Content-Type
text/html
Last-Modified
Wed, 06 Jan 2021 06:57:46 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip
track.gif
b2c-msm.marketo.com/tracker/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b2c-msm.marketo.com/tracker/track.gif?cf_eventid=View&cachebust=0.5467152006761493&subscriber=insight&product=fdd62bc2-5b16-4175-a70b-493ce3f6c33f&topcommunity=579&cflog_unk=9VWR6D&html_escape=true&session=DWBV0E
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.146.36 , United States, ASN15224 (OMNITURE, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://landing.edrnet.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Wed, 17 Mar 2021 12:03:15 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

36 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| $jQ object| cf_scripts object| h object| Mkto string| key boolean| formEdit object| socialSignOn object| profiling string| mktFormLanguage function| mktoGetForm function| formSubmit function| formReset function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| _gaq object| MunchkinTracker object| _gat object| gaGlobal object| CF function| cf_jq_old undefined| cf_$_old function| cf_jq object| jQuery182011854498659628088

2 Cookies

Domain/Path Name / Value
.edrnet.com/ Name: __csess
Value: 1615984094279.DWBV0E.
.edrnet.com/ Name: __cdrop
Value: .9VWR6D.

29 Console Messages

Source Level URL
Text
console-api debug URL: https://munchkin.marketo.net/159/munchkin.js(Line 22)
Message:
Munchkin.init("%s") options: 714-JCT-087 [object Object]
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_beforeComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event syndid_change
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_beforeComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_afterComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event logout_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event external_login_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event startall_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_beforeComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event session_beforeloaded
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event session_beforeloaded
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_beforeComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Unlistening event 3
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event syndid_change
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event request_completed
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Unlistening event 4
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_afterComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Unlistening event 5
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Binding xd_host iframe
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: xd_host iframe created
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event startall_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Unlistening event 1
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-185/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event context_loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b2c-mlm.marketo.com
b2c-msm.marketo.com
d2yeu2mwujl2s5.cloudfront.net
landing.edrnet.com
munchkin.marketo.net
ssl.google-analytics.com
stats.g.doubleclick.net
www.google.com
www.google.de
104.109.95.62
13.32.23.7
192.28.146.36
192.28.158.50
2a00:1450:4001:808::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:813::2004
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2008
2a00:1450:400c:c09::9b
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2dfbb777a4b123d809fe56255348bd1da9783d6c5ac9343ccb196932fc15dcb4
4334a628e3dabbebf5f6bce11dd2c60dcc668308bb537d11f844feaca6ed89f1
459e23d23ffe65a86f3a1f67c07edc92e0c69461ff83fbd63764d7b36cac92fc
596905554c4964300a6605f3c148b4e9151bfe86427002068a9f52babbeb3325
5cc2628039ee08964a5f46fb8abb1d5e1ec87e1200d12862ef1232bbfed7da55
6640e3f4d1093e409214e4dd8dda8615a3dfb1c680871932016b9ad0afdf449a
6b0a1ba778a42a0856bd9efcf26bf4554f664a3d418673987ccd48978a5ebd78
7d7772e84897894be55c2fc38b6040a24bc96ac28f5c9e15c1349a3c6c5a4972
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
8b9f53581aa2fe849cb0528c8d0d7b5e0f96a16d5b40d598b7768f1f4a5a3ae1
a7197f611a26ab2680f1f2750908aff648e706bc38d40c294ed319d7a39277b8
b4e328ce00a1af148445fd3ec2c54223629b00f58b6a813e98f898b1e9abeec8
ce71bfe35530d6f20e8d840fe51c400043632f684a779b79df5687166e608292
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7505dd071517e866a13b73aee39020a0a0862fb1957aab1e6c2b2b3e940bb1
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
ff7c3cf91ea44cdb223aa1fd656b4b807e750f10488ea9001efbfbef16a9ad9d