urlscan.io logo urlscan.io
SecurityTrails logo

ww2.etrigue.com Open in urlscan Pro
38.111.197.138  Public Scan

Go To Rescan Add Verdict Report
URL: http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
Submission: On August 10 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 2 countries across 7 domains to perform 21 HTTP transactions. The main IP is 38.111.197.138, located in Washington, United States and belongs to COGENT-174 - Cogent Communications, US. The main domain is ww2.etrigue.com.
This is the only time ww2.etrigue.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 38.111.197.138 174 (COGENT-174)
1 52.84.127.126 16509 (AMAZON-02)
2 52.21.22.234 14618 (AMAZON-AES)
1 52.21.177.130 14618 (AMAZON-AES)
1 52.5.195.122 16509 (AMAZON-02)
1 37.252.172.39 29990 (ASN-APPNEXUS)
1 37.252.172.80 29990 (ASN-APPNEXUS)
3 52.84.127.130 16509 (AMAZON-02)
1 54.192.50.213 16509 (AMAZON-02)
1 2600:9000:203... 16509 (AMAZON-02)
2 52.84.127.197 16509 (AMAZON-02)
21 12
3    38.111.197.138 (Washington, United States)

ASN174 (COGENT-174 - Cogent Communications, US)
ww2.etrigue.com
1    52.84.127.126 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-84-127-126.iad16.r.cloudfront.net
s.dpmsrv.com
2    52.21.22.234 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-21-22-234.compute-1.amazonaws.com
a.dpmsrv.com
1    52.21.177.130 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-21-177-130.compute-1.amazonaws.com
a.dpmsrv.com
1    52.5.195.122 (Ashburn, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-5-195-122.compute-1.amazonaws.com
x.dlx.addthis.com
1    37.252.172.39 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    37.252.172.80 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 152.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    52.84.127.130 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-84-127-130.iad16.r.cloudfront.net
register.gotowebinar.com
1    54.192.50.213 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-54-192-50-213.jfk5.r.cloudfront.net
weblibrary.cdn.citrixonline.com
1    2600:9000:203c:d400:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
content.jwplatform.com
2    52.84.127.197 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-84-127-197.iad16.r.cloudfront.net
register.gotowebinar.com
Domain Requested by
5 register.gotowebinar.com register.gotowebinar.com
3 a.dpmsrv.com ww2.etrigue.com
s.dpmsrv.com
3 ww2.etrigue.com ww2.etrigue.com
2 ib.adnxs.com ww2.etrigue.com
1 content.jwplatform.com register.gotowebinar.com
1 weblibrary.cdn.citrixonline.com register.gotowebinar.com
1 x.dlx.addthis.com ww2.etrigue.com
1 s.dpmsrv.com ww2.etrigue.com
21 8

This site contains no links.

Subject Issuer Validity Valid
*.dpmsrv.com
Amazon		 2017-07-10 -
2018-08-10		 a year crt.sh
*.adnxs.com
GeoTrust SSL CA - G3		 2016-02-25 -
2018-05-26		 2 years crt.sh
register.gotowebinar.com
DigiCert SHA2 Secure Server CA		 2017-04-25 -
2018-06-15		 a year crt.sh
*.cdn.citrixonline.com
Verizon Public SureServer CA G14-SHA2		 2015-11-16 -
2019-01-14		 3 years crt.sh
jwplayer.com
Amazon		 2017-02-22 -
2018-03-22		 a year crt.sh

This page contains 2 frames:

Frame: https://register.gotowebinar.com/register/1306941477552738305?source=redemail
Frame ID: 27749.1
Requests: 11 HTTP requests in this frame

Frame: https://register.gotowebinar.com/register/1306941477552738305?source=redemail
Frame ID: 27762.1
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Statistics

21
Requests

43 %
HTTPS

9 %
IPv6

7
Domains

8
Subdomains

12
IPs

2
Countries

355 kB
Transfer

1325 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request 3
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D542%2526pixelIndex%253D0%2526r%253D571291%2526tzOffset%253D...
  • http://a.dpmsrv.com/dpmpxl/index.php?id=6367407105242771751&q=xImp&v=1.x&cl=542&pixelIndex=0&r=571291&tzOffset=0&url=http%3A%2F%2Fww2.etrigue.com%2Fredirect-08182017-email%3Fjujrtyghfud2147255a1326...
Request 4
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=6367407105242771751&pixelIndex=0&_=1502378634439&google_tc=
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=6367407105242771751&pixelIndex=0&_=1502378634439&google_gid=CAESEGcP_LJvWIUJM5NWRgQhrCg&google_cver=1
Request 5
  • http://e.nexac.com/e/liveramp_sync.xgi?na_exid=849e8ad3790b47a0bd74e1cda4dc391aeac14b07f38c8620023847184666fd393b87cd2c0007efc4
  • http://x.dlx.addthis.com/e/liveramp_sync.xgi?na_exid=849e8ad3790b47a0bd74e1cda4dc391aeac14b07f38c8620023847184666fd393b87cd2c0007efc4
Request 7
  • http://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&uid=6367407105242771751
  • http://ib.adnxs.com/setuid?entity=101&uid=6367407105242771751&code=CAESEPvXM_gm1Kji9tRDVmYRCRM&google_cver=1
Request 8
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&uid=6367407105242771751
  • https://ib.adnxs.com/setuid?entity=101&uid=6367407105242771751&code=CAESEPvXM_gm1Kji9tRDVmYRCRM&google_cver=1
Request 9
  • https://attendee.gotowebinar.com/register/1306941477552738305?source=redemail
  • https://register.gotowebinar.com/register/1306941477552738305?source=redemail

21 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request redirect-08182017-email
ww2.etrigue.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
Protocol
HTTP/1.1
Server
38.111.197.138 Washington, United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
nginx/1.4.1 /
Resource Hash
f4c6bc77a96b7947d57f863184047536d65b85cd3032b54a7b4ed926d9003c41

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 10 Aug 2017 15:23:53 GMT
Content-Encoding
gzip
Server
nginx/1.4.1
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
1650
Expires
Thu, 19 Nov 1981 08:52:00 GMT
dpm_d06b6c54863ac33d12419dd04f7acb85c696f722.min.js
s.dpmsrv.com/ 		108 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s.dpmsrv.com/dpm_d06b6c54863ac33d12419dd04f7acb85c696f722.min.js
Requested by
Host: ww2.etrigue.com
URL: http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
Protocol
HTTP/1.1
Server
52.84.127.126 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-127-126.iad16.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ae02e5fc17cdff02d4dc9ddc7bad3c6c34889c7a8da7538da688d6534b0a3f95

Request headers

Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Tue, 06 Jun 2017 19:59:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 06 Jun 2017 19:50:09 GMT
Server
AmazonS3
Age
43168
ETag
"f1023dcfa28045114a0b7c52a108c5ae"
X-Cache
Hit from cloudfront
Content-Type
application/x-javascript
Via
1.1 0579f4eba24bbe8abed6a0529591ab2d.cloudfront.net (CloudFront)
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38221
X-Amz-Cf-Id
XmN9SjpPgKQjJPeLsYfweuRI1KJxm5Fr9-Ux2pSe_0tK1l9VF0gF7g==
t.js
ww2.etrigue.com/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ww2.etrigue.com/t.js
Requested by
Host: ww2.etrigue.com
URL: http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
Protocol
HTTP/1.1
Server
38.111.197.138 Washington, United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
nginx/1.4.1 /
Resource Hash
fe0541ed9ea18974511878ce8be2ee9ed79fdfd2d2c228e50165d4d7fbc4872c

Request headers

Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
public
Date
Thu, 10 Aug 2017 15:23:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Sep 2016 19:58:26 GMT
Server
nginx/1.4.1
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=30, public, must-revalidate, proxy-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=300
Expires
Thu, 10 Aug 2017 15:24:24 GMT
t.php
ww2.etrigue.com/ 		174 B
159 B 		Script
General
Check archive.org
Download Go to
Full URL
http://ww2.etrigue.com/t.php?a=258&a258=&b258=&a258exit=&b=2147255a132677413a5103a58720a36104a1895&n=Redirect%20to%20Event%20Campaigns&u=http%3A%2F%2Fww2.etrigue.com%2Fredirect-08182017-email&r=&t=1502378634147&uu=0&jujrtyghfud2147255a132677413a5103a58720a36104a1895
Requested by
Host: ww2.etrigue.com
URL: http://ww2.etrigue.com/t.js
Protocol
HTTP/1.1
Server
38.111.197.138 Washington, United States, ASN174 (COGENT-174 - Cogent Communications, US),
Reverse DNS
Software
nginx/1.4.1 /
Resource Hash
315d45bb919ef43c6cd5add083b467df2cd0671341bbfe4285c9abf31d383447

Request headers

Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 10 Aug 2017 15:23:54 GMT
Content-Encoding
gzip
Server
nginx/1.4.1
Vary
Accept-Encoding
Content-Type
application/json
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
159
Expires
Thu, 19 Nov 1981 08:52:00 GMT
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • http://ib.adnxs.com/bounce?%2Fgetuid%3Fhttp%3A%2F%2Fa.dpmsrv.com%2Fdpmpxl%2Findex.php%3Fid%3D%24UID%26q%253DxImp%2526v%253D1.x%2526cl%253D542%2526pixelIndex%253D0%2526r%253D571291%2526tzOffset%253D...
  • http://a.dpmsrv.com/dpmpxl/index.php?id=6367407105242771751&q=xImp&v=1.x&cl=542&pixelIndex=0&r=571291&tzOffset=0&url=http%3A%2F%2Fww2.etrigue.com%2Fredirect-08182017-email%3Fjujrtyghfud2147255a1326...
 		256 B
226 B 		Script
General
Check archive.org
Download Go to
Full URL
http://a.dpmsrv.com/dpmpxl/index.php?id=6367407105242771751&q=xImp&v=1.x&cl=542&pixelIndex=0&r=571291&tzOffset=0&url=http%3A%2F%2Fww2.etrigue.com%2Fredirect-08182017-email%3Fjujrtyghfud2147255a132677413a5103a58720a36104a1895&_=1502378634438
Requested by
Host: ww2.etrigue.com
URL: http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
Protocol
HTTP/1.1
Server
52.21.22.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-22-234.compute-1.amazonaws.com
Software
/
Resource Hash
39c716237a995ad6931a939988a513f796ac6542ee28a6cd7a1ab0754d9e6d8f

Request headers

Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
226
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 10 Aug 2017 15:23:56 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 246.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.52:80
AN-X-Request-Uuid
1353e7fe-b00a-4564-a3e7-bdc0a184885e
Server
nginx/1.11.5
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
http://a.dpmsrv.com/dpmpxl/index.php?id=6367407105242771751&q=xImp&v=1.x&cl=542&pixelIndex=0&r=571291&tzOffset=0&url=http%3A%2F%2Fww2.etrigue.com%2Fredirect-08182017-email%3Fjujrtyghfud2147255a132677413a5103a58720a36104a1895&_=1502378634438
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
index.php
a.dpmsrv.com/dpmpxl/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=datapoint_dmp&google_cm=&ap_id=6367407105242771751&pixelIndex=0&_=1502378634439&google_tc=
  • https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=6367407105242771751&pixelIndex=0&_=1502378634439&google_gid=CAESEGcP_LJvWIUJM5NWRgQhrCg&google_cver=1
 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=6367407105242771751&pixelIndex=0&_=1502378634439&google_gid=CAESEGcP_LJvWIUJM5NWRgQhrCg&google_cver=1
Requested by
Host: ww2.etrigue.com
URL: http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.21.177.130 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-177-130.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Content-Length
0
Expires
0

Redirect headers

pragma
no-cache
date
Thu, 10 Aug 2017 15:23:54 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://a.dpmsrv.com/dpmpxl/index.php?q=dfp&ap_id=6367407105242771751&pixelIndex=0&_=1502378634439&google_gid=CAESEGcP_LJvWIUJM5NWRgQhrCg&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length
368
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
liveramp_sync.xgi
x.dlx.addthis.com/e/
Redirect Chain
  • http://e.nexac.com/e/liveramp_sync.xgi?na_exid=849e8ad3790b47a0bd74e1cda4dc391aeac14b07f38c8620023847184666fd393b87cd2c0007efc4
  • http://x.dlx.addthis.com/e/liveramp_sync.xgi?na_exid=849e8ad3790b47a0bd74e1cda4dc391aeac14b07f38c8620023847184666fd393b87cd2c0007efc4
 		43 B
43 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://x.dlx.addthis.com/e/liveramp_sync.xgi?na_exid=849e8ad3790b47a0bd74e1cda4dc391aeac14b07f38c8620023847184666fd393b87cd2c0007efc4
Requested by
Host: ww2.etrigue.com
URL: http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
Protocol
HTTP/1.1
Server
52.5.195.122 Ashburn, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-5-195-122.compute-1.amazonaws.com
Software
lighttpd/1.4.33 / Jigawatts
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Aug 2017 15:23:55 GMT
Server
lighttpd/1.4.33
X-Powered-By
Jigawatts
P3P
policyref="http://www.nextaction.net/P3P/PolicyReferences.xml", CP="NOI DSP COR NID CURa ADMa DEVa TAIo PSAo PSDo HISa OUR DELa SAMo UNRo OTRo BUS UNI PUR COM NAV INT DEM STA PRE"
Connection
keep-alive
Content-type
image/gif
Content-Length
43
Expires
Wed Sep 15 09:14:42 MDT 2019

Redirect headers

Location
http://x.dlx.addthis.com/e/liveramp_sync.xgi?na_exid=849e8ad3790b47a0bd74e1cda4dc391aeac14b07f38c8620023847184666fd393b87cd2c0007efc4
Date
Thu, 10 Aug 2017 15:23:55 GMT
Server
akka-http/2.4.10
Connection
keep-alive
Content-Length
206
Content-Type
text/html; charset=UTF-8
index.php
a.dpmsrv.com/dpmpxl/ 		5 B
42 B 		Script
General
Check archive.org
Download Go to
Full URL
http://a.dpmsrv.com/dpmpxl/index.php?q=xSeg&v=1.x&ep%5Bids%5D=8801029%2C8800989&cl=542&pixelIndex=0&r=535194&tzOffset=0&url=http%3A%2F%2Fww2.etrigue.com%2Fredirect-08182017-email%3Fjujrtyghfud2147255a132677413a5103a58720a36104a1895&id=6367407105242771751&_=1502378634440
Requested by
Host: s.dpmsrv.com
URL: http://s.dpmsrv.com/dpm_d06b6c54863ac33d12419dd04f7acb85c696f722.min.js
Protocol
HTTP/1.1
Server
52.21.22.234 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-52-21-22-234.compute-1.amazonaws.com
Software
/
Resource Hash
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b

Request headers

Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
Access-Control-Max-Age
10
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
transfer-encoding
chunked
Connection
keep-alive
Content-Type
text/javascript
Access-Control-Allow-Headers
content-type, accept
Expires
0
setuid
ib.adnxs.com/
Redirect Chain
  • http://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&uid=6367407105242771751
  • http://ib.adnxs.com/setuid?entity=101&uid=6367407105242771751&code=CAESEPvXM_gm1Kji9tRDVmYRCRM&google_cver=1
 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ib.adnxs.com/setuid?entity=101&uid=6367407105242771751&code=CAESEPvXM_gm1Kji9tRDVmYRCRM&google_cver=1
Requested by
Host: ww2.etrigue.com
URL: http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
Protocol
HTTP/1.1
Server
37.252.172.39 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
246.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.11.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Aug 2017 15:23:57 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 246.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.26:80
AN-X-Request-Uuid
3ad68ace-459e-49b5-8f66-5789aec20221
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 10 Aug 2017 15:23:55 GMT
Server
HTTP server (unknown)
P3P
policyref="http://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Location
http://ib.adnxs.com/setuid?entity=101&uid=6367407105242771751&code=CAESEPvXM_gm1Kji9tRDVmYRCRM&google_cver=1
Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Content-Length
317
X-XSS-Protection
1; mode=block
Expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_sc&uid=6367407105242771751
  • https://ib.adnxs.com/setuid?entity=101&uid=6367407105242771751&code=CAESEPvXM_gm1Kji9tRDVmYRCRM&google_cver=1
 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&uid=6367407105242771751&code=CAESEPvXM_gm1Kji9tRDVmYRCRM&google_cver=1
Requested by
Host: ww2.etrigue.com
URL: http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
37.252.172.80 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
152.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.11.5 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 10 Aug 2017 15:23:57 GMT
X-Proxy-Origin
148.251.45.254; 148.251.45.254; 152.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.172.13:80
AN-X-Request-Uuid
411b466b-7b31-4e89-8df8-e984ad93262d
Server
nginx/1.11.5
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 10 Aug 2017 15:23:55 GMT
server
HTTP server (unknown)
status
302
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&uid=6367407105242771751&code=CAESEPvXM_gm1Kji9tRDVmYRCRM&google_cver=1
cache-control
no-cache, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="39,38,37,35",quic=":443"; ma=2592000; v="39,38,37,35"
content-length
318
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
1306941477552738305
register.gotowebinar.com/register/
Redirect Chain
  • https://attendee.gotowebinar.com/register/1306941477552738305?source=redemail
  • https://register.gotowebinar.com/register/1306941477552738305?source=redemail
 		0
0
1306941477552738305
register.gotowebinar.com/register/ Frame 2776 		2 KB
825 B 		Document
General
Check archive.org
Download Go to
Full URL
https://register.gotowebinar.com/register/1306941477552738305?source=redemail
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.127.130 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-127-130.iad16.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22deb61505dc711936373b77df9232be49e7c42899282ccd7de04e790b6807ec

Request headers

Upgrade-Insecure-Requests
1
Referer
http://ww2.etrigue.com/redirect-08182017-email?jujrtyghfud2147255a132677413a5103a58720a36104a1895
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Thu, 10 Aug 2017 15:24:00 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jul 2017 23:23:05 GMT
Server
AmazonS3
ETag
"eadf7ed426b4eea47c5226196a7f8d38"
X-Cache
Error from cloudfront
Content-Type
text/html; charset=UTF-8
Via
1.1 4ddddf0243e9305f37605c71001e5dd7.cloudfront.net (CloudFront)
Cache-Control
public, must-revalidate, proxy-revalidate, max-age=0
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
825
X-Amz-Cf-Id
ZTbe05VYWKV3msefr9Ra_IZ8remgS8XRHRgwkahf0qbKJGOuW4yZpg==
togo.css
weblibrary.cdn.citrixonline.com/togo/6.3.0/styles/ Frame 2776 		176 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://weblibrary.cdn.citrixonline.com/togo/6.3.0/styles/togo.css
Requested by
Host: register.gotowebinar.com
URL: https://register.gotowebinar.com/register/1306941477552738305?source=redemail
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.192.50.213 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-54-192-50-213.jfk5.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3dbb872768011d81bcc3cbff13a184ab63329fbdde661121585f936c1998822d

Request headers

Referer
https://register.gotowebinar.com/register/1306941477552738305?source=redemail
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Mon, 26 Jun 2017 14:52:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 22 Jun 2017 22:48:15 GMT
Server
AmazonS3
Age
3889919
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css; charset=UTF-8
Via
1.1 5f5ca5852c74982e7459707a6c9e215a.cloudfront.net (CloudFront)
Cache-Control
max-age=630720000, public
Transfer-Encoding
chunked
Connection
keep-alive
X-Amz-Cf-Id
C6cGFxO-N-qPhRYavvnpsvnxFsry700VsrigYzhSc2EsvokL4d5nDg==
main.min.css
register.gotowebinar.com/0.13.0/styles/ Frame 2776 		10 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://register.gotowebinar.com/0.13.0/styles/main.min.css
Requested by
Host: register.gotowebinar.com
URL: https://register.gotowebinar.com/register/1306941477552738305?source=redemail
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.127.130 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-127-130.iad16.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a949a2e8e52eb3abb8789c079647d08d83c195693dbd80025da2588a528cd884

Request headers

Referer
https://register.gotowebinar.com/register/1306941477552738305?source=redemail
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Fri, 07 Jul 2017 23:23:49 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jul 2017 23:23:10 GMT
Server
AmazonS3
Age
2908811
ETag
"081a2f17a709af6a51765932b844ecde"
X-Cache
Hit from cloudfront
Content-Type
text/css; charset=UTF-8
Via
1.1 4ddddf0243e9305f37605c71001e5dd7.cloudfront.net (CloudFront)
Cache-Control
max-age=630720000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2779
X-Amz-Cf-Id
f_7W4GjXZMIA1Ley7qrjB7Ynq_4yS1omaBxc7aB5Ji9bJugt6FZNxA==
config.js
register.gotowebinar.com/0.13.0/ Frame 2776 		1 KB
604 B 		Script
General
Check archive.org
Download Go to
Full URL
https://register.gotowebinar.com/0.13.0/config.js
Requested by
Host: register.gotowebinar.com
URL: https://register.gotowebinar.com/register/1306941477552738305?source=redemail
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.127.130 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-127-130.iad16.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1861f5b1fa72be675846f3ba273edea924b759afd1cdd9f160ddd15325ed5f2c

Request headers

Referer
https://register.gotowebinar.com/register/1306941477552738305?source=redemail
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Fri, 07 Jul 2017 23:23:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jul 2017 23:23:08 GMT
Server
AmazonS3
Age
2908807
ETag
"5e253728c1fd5f2bcfe8a82ae422d8c0"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 4ddddf0243e9305f37605c71001e5dd7.cloudfront.net (CloudFront)
Cache-Control
max-age=630720000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
604
X-Amz-Cf-Id
KDsAzUYoSchqADw27B273hsWoVDi_XMqMbqSWnEFr3stndRqR4-AIg==
q0UCISt8.js
content.jwplatform.com/libraries/ Frame 2776 		161 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.jwplatform.com/libraries/q0UCISt8.js
Requested by
Host: register.gotowebinar.com
URL: https://register.gotowebinar.com/register/1306941477552738305?source=redemail
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:203c:d400:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
openresty /
Resource Hash
6c2ac46a21f5feaaa520aa4e7beddfc9a084e95a1393fe076261986bda541b60

Request headers

Referer
https://register.gotowebinar.com/register/1306941477552738305?source=redemail
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

date
Thu, 10 Aug 2017 15:24:00 GMT
content-encoding
gzip
server
openresty
status
200
x-cache
Miss from cloudfront
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=150, max-stale=180
content-length
50236
via
1.1 8bcdfe5c699ee9a81d92de5e160d9563.cloudfront.net (CloudFront)
x-amz-cf-id
ckcmh2oCw7XN4pEo2_GQkdVanBJkiz4z1fUc2lBlQW8v-sRD4pFG_w==
expires
Thu, 10 Aug 2017 15:25:56 GMT
main-built.js
register.gotowebinar.com/0.13.0/scripts/app/ Frame 2776 		816 KB
214 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://register.gotowebinar.com/0.13.0/scripts/app/main-built.js
Requested by
Host: register.gotowebinar.com
URL: https://register.gotowebinar.com/register/1306941477552738305?source=redemail
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.127.197 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-127-197.iad16.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6d21c17b3bb81b2655d9ef2c7ae104a1f9f9ab1bc244cb71a48ec7749985d0da

Request headers

Referer
https://register.gotowebinar.com/register/1306941477552738305?source=redemail
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Fri, 07 Jul 2017 23:23:53 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jul 2017 23:23:09 GMT
Server
AmazonS3
Age
2908808
ETag
"38e963722bc6008c99c78fe59947f375"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 e223f938e1f7716ebc7a1a8faefd0900.cloudfront.net (CloudFront)
Cache-Control
max-age=630720000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
219437
X-Amz-Cf-Id
H0A7IQ9mpcqZ0o528vqm0i7_GSCwnNqVwsO2kmbLmcCn00NQH1YUfQ==
togoicons.woff
weblibrary.cdn.citrixonline.com/togo/6.3.0/togo-icons/ Frame 2776 		0
0
lato-regular.woff2
weblibrary.cdn.citrixonline.com/togo/6.3.0/togo-fonts/ Frame 2776 		0
0
translation.json
register.gotowebinar.com/0.13.0/scripts/app-lib/locales/en/ Frame 2776 		34 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://register.gotowebinar.com/0.13.0/scripts/app-lib/locales/en/translation.json
Requested by
Host: register.gotowebinar.com
URL: https://register.gotowebinar.com/0.13.0/scripts/app/main-built.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.84.127.197 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-52-84-127-197.iad16.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3a671c5c57881af8ad4908d3a709d9cb618aa7a05f34d65dccf8ba8210df255c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://register.gotowebinar.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/59.0.3071.115 Safari/537.36

Response headers

Date
Fri, 07 Jul 2017 23:23:55 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Jul 2017 23:23:08 GMT
Server
AmazonS3
Age
2908806
ETag
"843004db1b4fdcbfe882b3c8deed4593"
X-Cache
Hit from cloudfront
Content-Type
application/json
Via
1.1 e223f938e1f7716ebc7a1a8faefd0900.cloudfront.net (CloudFront)
Cache-Control
max-age=630720000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8938
X-Amz-Cf-Id
YDs94rCDAo0SJULG1aYHpRIJQzHrFmW9HRuz1D3z97uF-dHxyKZD2A==
translation.json
register.gotowebinar.com/0.13.0/scripts/app-lib/locales/en/ Frame 2776 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
register.gotowebinar.com
URL
https://register.gotowebinar.com/register/1306941477552738305?source=redemail
Domain
weblibrary.cdn.citrixonline.com
URL
https://weblibrary.cdn.citrixonline.com/togo/6.3.0/togo-icons/togoicons.woff
Domain
weblibrary.cdn.citrixonline.com
URL
https://weblibrary.cdn.citrixonline.com/togo/6.3.0/togo-fonts/lato-regular.woff2
Domain
register.gotowebinar.com
URL
https://register.gotowebinar.com/0.13.0/scripts/app-lib/locales/en/translation.json

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Domain/Path Name / Value
.etrigue.com/ Name: a258
Value: yoM/4m87J/oeFoCX+cq6e9UnrwLfXAUs/vR7IAC201SJbrrxSNBxI6VDNg75R9reTCtQo3AuBWc%3D
.ww2.etrigue.com/ Name: a258
Value: yoM%2F4m87J%2FoeFoCX%2Bcq6e9UnrwLfXAUs%2FvR7IAC201SJbrrxSNBxI6VDNg75R9reTCtQo3AuBWc%3D
.ww2.etrigue.com/ Name: a258exit
Value: 1502378634
ww2.etrigue.com/ Name: hasLiveRampMatch
Value: true
ww2.etrigue.com/ Name: dpm_time_site
Value: 1.004
.etrigue.com/ Name: moid
Value: -1
.etrigue.com/ Name: a258exit
Value: 1502378634
ww2.etrigue.com/ Name: dpm_url_count
Value: 1
ww2.etrigue.com/ Name: php-console-server
Value: 5
ww2.etrigue.com/ Name: PHPSESSID
Value: jo5hkql9ckk0s4kcbjf8moi322

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.dpmsrv.com
content.jwplatform.com
ib.adnxs.com
register.gotowebinar.com
s.dpmsrv.com
weblibrary.cdn.citrixonline.com
ww2.etrigue.com
x.dlx.addthis.com
register.gotowebinar.com
weblibrary.cdn.citrixonline.com
2600:9000:203c:d400:1:a3fa:7cc0:93a1
37.252.172.39
37.252.172.80
38.111.197.138
52.21.177.130
52.21.22.234
52.5.195.122
52.84.127.126
52.84.127.130
52.84.127.197
54.192.50.213
1861f5b1fa72be675846f3ba273edea924b759afd1cdd9f160ddd15325ed5f2c
22deb61505dc711936373b77df9232be49e7c42899282ccd7de04e790b6807ec
315d45bb919ef43c6cd5add083b467df2cd0671341bbfe4285c9abf31d383447
39c716237a995ad6931a939988a513f796ac6542ee28a6cd7a1ab0754d9e6d8f
3a671c5c57881af8ad4908d3a709d9cb618aa7a05f34d65dccf8ba8210df255c
3dbb872768011d81bcc3cbff13a184ab63329fbdde661121585f936c1998822d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6c2ac46a21f5feaaa520aa4e7beddfc9a084e95a1393fe076261986bda541b60
6d21c17b3bb81b2655d9ef2c7ae104a1f9f9ab1bc244cb71a48ec7749985d0da
a949a2e8e52eb3abb8789c079647d08d83c195693dbd80025da2588a528cd884
ae02e5fc17cdff02d4dc9ddc7bad3c6c34889c7a8da7538da688d6534b0a3f95
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f4c6bc77a96b7947d57f863184047536d65b85cd3032b54a7b4ed926d9003c41
fbc45fe018830de401f0cf801177a57d0039bc72d922b8ff2c82af7af05dd32b
fe0541ed9ea18974511878ce8be2ee9ed79fdfd2d2c228e50165d4d7fbc4872c