urlscan.io logo urlscan.io
SecurityTrails logo

landing.edrnet.com Open in urlscan Pro
192.28.158.50  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://landing.edrnet.com/PARCELTrainingRequest.html
Effective URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Submission: On May 05 via manual from IN
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 4 countries across 9 domains to perform 19 HTTP transactions. The main IP is 192.28.158.50, located in United States and belongs to MARKETO, US. The main domain is landing.edrnet.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 3rd 2017. Valid for: 3 years.
This is the only time landing.edrnet.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

10    192.28.158.50 (United States)

ASN53580 (MARKETO, US)
landing.edrnet.com
1    2a00:1450:4001:824::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    192.28.146.36 (United States)

ASN53580 (MARKETO, US)
b2c-mlm.marketo.com
b2c-msm.marketo.com
2    88.221.60.75 (Ascension Island)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-60-75.deploy.static.akamaitechnologies.com
munchkin.marketo.net
2    143.204.101.118 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-101-118.fra50.r.cloudfront.net
d2yeu2mwujl2s5.cloudfront.net
2    2a00:1450:4001:825::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
1    2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
Domain Requested by
10 landing.edrnet.com 1 redirects landing.edrnet.com
ajax.googleapis.com
2 b2c-msm.marketo.com d2yeu2mwujl2s5.cloudfront.net
2 ssl.google-analytics.com 1 redirects landing.edrnet.com
2 d2yeu2mwujl2s5.cloudfront.net b2c-mlm.marketo.com
2 munchkin.marketo.net landing.edrnet.com
munchkin.marketo.net
1 www.google.de landing.edrnet.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 b2c-mlm.marketo.com landing.edrnet.com
1 ajax.googleapis.com landing.edrnet.com
19 10

This site contains links to these domains. Also see Links.

Domain
www.edrnet.com
Subject Issuer Validity Valid
landing.edrnet.com
Go Daddy Secure Certificate Authority - G2		 2017-11-03 -
2020-11-03		 3 years crt.sh
upload.video.google.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
*.marketo.com
DigiCert SHA2 Secure Server CA		 2019-12-09 -
2021-12-13		 2 years crt.sh
*.marketo.net
DigiCert SHA2 Secure Server CA		 2020-03-14 -
2021-04-13		 a year crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2019-07-17 -
2020-07-05		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://landing.edrnet.com/PARCELTrainingRequest.html
Frame ID: 25F092749348EC798ECDA0CC24F16ECA
Requests: 18 HTTP requests in this frame

Frame: https://b2c-msm.marketo.com/xd/3.33-127/xd_host.html
Frame ID: D82CEBC9887E8CEC3892573F04CF53B4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://landing.edrnet.com/PARCELTrainingRequest.html HTTP 301
    https://landing.edrnet.com/PARCELTrainingRequest.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

19
Requests

100 %
HTTPS

56 %
IPv6

9
Domains

10
Subdomains

7
IPs

4
Countries

287 kB
Transfer

620 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://landing.edrnet.com/PARCELTrainingRequest.html HTTP 301
    https://landing.edrnet.com/PARCELTrainingRequest.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1824503670&utmhn=landing.edrnet.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=565903156&utmr=-&utmp=%2FPARCELTrainingRequest.html&utmht=1588638185818&utmac=UA-2418603-1&utmcc=__utma%3D123582687.178037542.1588638186.1588638186.1588638186.1%3B%2B__utmz%3D123582687.1588638186.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1989043115&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2418603-1&cid=178037542.1588638186&jid=1989043115&_v=5.7.2&z=1824503670 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=178037542.1588638186&jid=1989043115&_v=5.7.2&z=1824503670 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=178037542.1588638186&jid=1989043115&_v=5.7.2&z=1824503670&slf_rd=1&random=2150952330

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set PARCELTrainingRequest.html
landing.edrnet.com/
Redirect Chain
  • http://landing.edrnet.com/PARCELTrainingRequest.html
  • https://landing.edrnet.com/PARCELTrainingRequest.html
16 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.28.158.50 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
a7197f611a26ab2680f1f2750908aff648e706bc38d40c294ed319d7a39277b8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Host
landing.edrnet.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
BIGipServersj01web-app_http=185073674.20480.0000
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Tue, 05 May 2020 00:23:03 GMT
Content-Type
text/html; charset=utf-8
Content-Length
4916
Connection
keep-alive
P3p
CP="CAO CURa ADMa DEVa TAIa OUR IND UNI COM NAV INT"
Vary
*,Accept-Encoding
X-Content-Type-Options
nosniff
Content-Encoding
gzip
X-Cache-Status
HIT
X-MKTO-Nginx-Cache
true
Set-Cookie
BIGipServersj01web-nginx-app_https=185073674.47617.0000; path=/; Httponly; Secure

Redirect headers

Server
nginx
Date
Tue, 05 May 2020 00:23:00 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
215
Connection
keep-alive
Location
https://landing.edrnet.com/PARCELTrainingRequest.html
Vary
Accept-Encoding
Content-Encoding
gzip
X-Cache-Status
MISS
X-MKTO-Nginx-Cache
true
Set-Cookie
BIGipServersj01web-app_http=185073674.20480.0000; path=/; Httponly
mktLPSupport.css
landing.edrnet.com/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://landing.edrnet.com/css/mktLPSupport.css
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.28.158.50 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
7d7772e84897894be55c2fc38b6040a24bc96ac28f5c9e15c1349a3c6c5a4972
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Apr 2020 18:40:57 GMT
Server
nginx
ETag
"46c338-99b-5a23f065dc040"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
888
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Apr 2020 17:39:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
974636
status
200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33333
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 23 Apr 2021 17:39:07 GMT
loader.php.js
b2c-mlm.marketo.com/jsloader/fdd62bc2-5b16-4175-a70b-493ce3f6c33f/ 		46 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b2c-mlm.marketo.com/jsloader/fdd62bc2-5b16-4175-a70b-493ce3f6c33f/loader.php.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.146.36 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
c5275d1e0ddab2e0723f896e55958e6df9d872223a63923d664b0943c8a99324

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:04 GMT
Cache-Control
public, max-age=0
Server
nginx
Connection
close
ETag
cqi9p6/UaNdzHNxA2lmqLMBMNhk=
Content-Length
46647
Content-Type
text/javascript;charset=UTF-8
logo.png
landing.edrnet.com/rs/environmentaldataresources/images/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/logo.png
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.28.158.50 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
6b0a1ba778a42a0856bd9efcf26bf4554f664a3d418673987ccd48978a5ebd78
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:04 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 14 Apr 2020 16:09:25 GMT
Server
nginx
ETag
"521394-14d9-5a3426c692bb9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5337
mktFormSupport.js
landing.edrnet.com/js/ 		25 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://landing.edrnet.com/js/mktFormSupport.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.28.158.50 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
596905554c4964300a6605f3c148b4e9151bfe86427002068a9f52babbeb3325
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:03 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Apr 2020 18:40:54 GMT
Server
nginx
ETag
"46edfb-657a-5a23f062ff980"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8080
munchkin.js
munchkin.marketo.net// 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net//munchkin.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.60.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c7d7214a0b940c1ffcbd64689a576c5847b42e886da3ad9ea45bc4cda214bac8

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:03 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Apr 2020 02:45:45 GMT
Server
Apache
ETag
"aa520b8aca3502dbdbf62462e6f4be67:1585881945"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR", policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
751
stripmkttok.js
landing.edrnet.com/js/ 		2 KB
1016 B 		Script
General
Check archive.org
Download Go to
Full URL
https://landing.edrnet.com/js/stripmkttok.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.28.158.50 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:04 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Wed, 01 Apr 2020 18:40:54 GMT
Server
nginx
ETag
"46ee0b-602-5a23f062ff980"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
678
CF_insight.min.js
d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/ 		265 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js
Requested by
Host: b2c-mlm.marketo.com
URL: https://b2c-mlm.marketo.com/jsloader/fdd62bc2-5b16-4175-a70b-493ce3f6c33f/loader.php.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-118.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
5c576e1438617cff91fc7dd1ea4cffac7ad9486d753a3dc7e31a342bf2a08d36

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 11 Apr 2020 00:25:14 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 01 Apr 2020 10:20:28 GMT
Server
nginx
Age
2073470
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 32e4d419823b7f8df8417a8b18c9602d.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
6Gu1bz_A50Ogv03u3HO22P_gZskKZeyG1CMzWvfH6yyaelGyFC3hVQ==
Expires
Sun, 11 Apr 2021 00:25:14 GMT
widgets.css
d2yeu2mwujl2s5.cloudfront.net/3.33-127/styles/ 		61 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/styles/widgets.css
Requested by
Host: b2c-mlm.marketo.com
URL: https://b2c-mlm.marketo.com/jsloader/fdd62bc2-5b16-4175-a70b-493ce3f6c33f/loader.php.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.101.118 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-101-118.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
ef7505dd071517e866a13b73aee39020a0a0862fb1957aab1e6c2b2b3e940bb1

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sat, 11 Apr 2020 00:25:14 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 01 Apr 2020 10:20:16 GMT
Server
nginx
Age
2073471
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 baaf38f0a0d54e4834bf934fa5189ceb.cloudfront.net (CloudFront)
Cache-Control
max-age=31536000
Transfer-Encoding
chunked
X-Amz-Cf-Pop
FRA50-C1
X-Amz-Cf-Id
n8n_FIP9SK8zfPJXX5Gp1B2Y9oc2PNouYG5NnV_-6rvArCtE3p8-iw==
Expires
Sun, 11 Apr 2021 00:25:14 GMT
munchkin.js
munchkin.marketo.net/158/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://munchkin.marketo.net/158/munchkin.js
Requested by
Host: munchkin.marketo.net
URL: https://munchkin.marketo.net//munchkin.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.221.60.75 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-60-75.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f967fd41346c0fc1b9b44fa69c52bf1e754420c59c8017cefb0a14a764cafa4

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Jan 2020 03:01:21 GMT
Server
Apache
ETag
"67df7eb9e9e68638308f14367dddec10:1580180481"
Vary
Accept-Encoding
P3P
policyref="http://www.marketo.com/w3c/p3p.xml", CP="NOI DSP COR NID CURi OUR NOR"
Cache-Control
max-age=8640000
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
application/x-javascript
Content-Length
4686
Expires
Thu, 13 Aug 2020 00:23:05 GMT
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 06 Feb 2020 00:21:02 GMT
server
Golfe2
age
475
date
Tue, 05 May 2020 00:15:10 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 05 May 2020 02:15:10 GMT
bg.jpg
landing.edrnet.com/rs/environmentaldataresources/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/bg.jpg
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.28.158.50 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
ff7c3cf91ea44cdb223aa1fd656b4b807e750f10488ea9001efbfbef16a9ad9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Apr 2020 18:39:28 GMT
Server
nginx
ETag
"52161c-586c-5a3d155e7c930"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22636
star.png
landing.edrnet.com/rs/environmentaldataresources/images/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/star.png
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.28.158.50 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
4334a628e3dabbebf5f6bce11dd2c60dcc668308bb537d11f844feaca6ed89f1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Apr 2020 18:39:28 GMT
Server
nginx
ETag
"52161d-484-5a3d155ef6286"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1156
footer_background.jpg
landing.edrnet.com/rs/environmentaldataresources/images/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/footer_background.jpg
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.28.158.50 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
b4e328ce00a1af148445fd3ec2c54223629b00f58b6a813e98f898b1e9abeec8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Apr 2020 18:39:28 GMT
Server
nginx
ETag
"52161e-561c-5a3d155ef666e"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22044
button-submit05.gif
landing.edrnet.com/rs/environmentaldataresources/images/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://landing.edrnet.com/rs/environmentaldataresources/images/button-submit05.gif
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
192.28.158.50 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
2dfbb777a4b123d809fe56255348bd1da9783d6c5ac9343ccb196932fc15dcb4
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:05 GMT
X-Content-Type-Options
nosniff
Last-Modified
Tue, 21 Apr 2020 18:39:29 GMT
Server
nginx
ETag
"52161f-1170-5a3d155f32761"
Content-Type
image/gif
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4464
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1824503670&utmhn=landing.edrnet.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-2418603-1&cid=178037542.1588638186&jid=1989043115&_v=5.7.2&z=1824503670
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=178037542.1588638186&jid=1989043115&_v=5.7.2&z=1824503670
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=178037542.1588638186&jid=1989043115&_v=5.7.2&z=1824503670&slf_rd=1&random=2150952330
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=178037542.1588638186&jid=1989043115&_v=5.7.2&z=1824503670&slf_rd=1&random=2150952330
Requested by
Host: landing.edrnet.com
URL: https://landing.edrnet.com/PARCELTrainingRequest.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 05 May 2020 00:23:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 05 May 2020 00:23:06 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-2418603-1&cid=178037542.1588638186&jid=1989043115&_v=5.7.2&z=1824503670&slf_rd=1&random=2150952330
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
xd_host.html
b2c-msm.marketo.com/xd/3.33-127/ Frame D82C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://b2c-msm.marketo.com/xd/3.33-127/xd_host.html
Requested by
Host: d2yeu2mwujl2s5.cloudfront.net
URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.146.36 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
b2c-msm.marketo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://landing.edrnet.com/PARCELTrainingRequest.html

Response headers

Server
nginx
Date
Tue, 05 May 2020 00:23:06 GMT
Content-Type
text/html
Last-Modified
Wed, 01 Apr 2020 10:20:28 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip
track.gif
b2c-msm.marketo.com/tracker/ 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b2c-msm.marketo.com/tracker/track.gif?cf_eventid=View&cachebust=0.5076432701747677&subscriber=insight&product=fdd62bc2-5b16-4175-a70b-493ce3f6c33f&topcommunity=579&cflog_unk=3YQ07R&html_escape=true&session=GG8GBW
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
192.28.146.36 , United States, ASN53580 (MARKETO, US),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
https://landing.edrnet.com/PARCELTrainingRequest.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 05 May 2020 00:23:06 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| $jQ object| cf_scripts object| h object| Mkto string| key boolean| formEdit object| socialSignOn object| profiling string| mktFormLanguage function| mktoGetForm function| formSubmit function| formReset function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin object| _gaq object| MunchkinTracker object| _gat object| gaGlobal object| CF function| cf_jq_old undefined| cf_$_old function| cf_jq object| jQuery182014138794705231983

9 Cookies

Domain/Path Name / Value
.edrnet.com/ Name: __cdrop
Value: .3YQ07R.
.edrnet.com/ Name: __utmb
Value: 123582687.1.10.1588638186
.edrnet.com/ Name: __utmt
Value: 1
landing.edrnet.com/ Name: BIGipServersj01web-app_http
Value: 185073674.20480.0000
.edrnet.com/ Name: __utmc
Value: 123582687
.edrnet.com/ Name: __utma
Value: 123582687.178037542.1588638186.1588638186.1588638186.1
.edrnet.com/ Name: __csess
Value: 1588639686072.GG8GBW.
.edrnet.com/ Name: __utmz
Value: 123582687.1588638186.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
landing.edrnet.com/ Name: BIGipServersj01web-nginx-app_https
Value: 185073674.47617.0000

29 Console Messages

Source Level URL
Text
console-api debug URL: https://munchkin.marketo.net/158/munchkin.js(Line 22)
Message:
Munchkin.init("%s") options: 714-JCT-087 [object Object]
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_beforeComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event syndid_change
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_beforeComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_afterComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event logout_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event external_login_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event startall_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_beforeComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event session_beforeloaded
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event session_beforeloaded
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_beforeComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Unlistening event 3
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event syndid_change
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event request_completed
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Unlistening event 4
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event config_afterComplete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Unlistening event 5
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Binding xd_host iframe
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: xd_host iframe created
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Firing event startall_complete
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Unlistening event 1
console-api log URL: https://d2yeu2mwujl2s5.cloudfront.net/3.33-127/js/CF_insight.min.js(Line 1)
Message:
INFO: Listening for event context_loaded

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
b2c-mlm.marketo.com
b2c-msm.marketo.com
d2yeu2mwujl2s5.cloudfront.net
landing.edrnet.com
munchkin.marketo.net
ssl.google-analytics.com
stats.g.doubleclick.net
www.google.com
www.google.de
143.204.101.118
192.28.146.36
192.28.158.50
2a00:1450:4001:819::2004
2a00:1450:4001:824::2003
2a00:1450:4001:824::200a
2a00:1450:4001:825::2008
2a00:1450:400c:c08::9b
88.221.60.75
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
2dfbb777a4b123d809fe56255348bd1da9783d6c5ac9343ccb196932fc15dcb4
4334a628e3dabbebf5f6bce11dd2c60dcc668308bb537d11f844feaca6ed89f1
596905554c4964300a6605f3c148b4e9151bfe86427002068a9f52babbeb3325
5c576e1438617cff91fc7dd1ea4cffac7ad9486d753a3dc7e31a342bf2a08d36
5f967fd41346c0fc1b9b44fa69c52bf1e754420c59c8017cefb0a14a764cafa4
6b0a1ba778a42a0856bd9efcf26bf4554f664a3d418673987ccd48978a5ebd78
7d7772e84897894be55c2fc38b6040a24bc96ac28f5c9e15c1349a3c6c5a4972
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
a7197f611a26ab2680f1f2750908aff648e706bc38d40c294ed319d7a39277b8
b4e328ce00a1af148445fd3ec2c54223629b00f58b6a813e98f898b1e9abeec8
c5275d1e0ddab2e0723f896e55958e6df9d872223a63923d664b0943c8a99324
c7d7214a0b940c1ffcbd64689a576c5847b42e886da3ad9ea45bc4cda214bac8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7505dd071517e866a13b73aee39020a0a0862fb1957aab1e6c2b2b3e940bb1
f7545b96ed2740220c349ae9deb614faf1f0f211d4cf710788e0790f74cc9715
ff7c3cf91ea44cdb223aa1fd656b4b807e750f10488ea9001efbfbef16a9ad9d