Submitted URL: https://connect.mheducation.com/class/r-333-fall-2019
Effective URL: https://connect.mheducation.com/paamweb/index.html
Submission: On September 11 via manual from CA

Summary

This website contacted 5 IPs in 2 countries across 2 domains to perform 20 HTTP transactions.
The main IP is 34.233.106.211, located in Ashburn, United States and belongs to AMAZON-AES - Amazon.com, Inc., US. The main domain is connect.mheducation.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on June 4th 2018. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 6 34.233.106.211 14618 (AMAZON-AES)
9 143.204.214.15 16509 (AMAZON-02)
3 143.204.214.79 16509 (AMAZON-02)
1 18.234.10.238 14618 (AMAZON-AES)
1 3 3.121.51.57 16509 (AMAZON-02)
20 5
Domain
Subdomains
Transfer
19 mheducation.com
1 MB
3 webtrendslive.com
1 KB
20 2
Domain Requested by
9 static-cf.mheducation.com connect.mheducation.com
6 connect.mheducation.com 1 redirects static-cf.mheducation.com
3 statse.webtrendslive.com 1 redirects static-cf.mheducation.com
3 images-cf.mheducation.com connect.mheducation.com
1 newconnect.mheducation.com connect.mheducation.com
20 5

This site contains links to these domains. Also see Links.

Domain
www.connectstudentsuccess.com
mpss.mhhe.com
www.mheducation.com
Subject / Issuer Validity Valid
*.mheducation.com
DigiCert SHA2 Secure Server CA
2018-06-04 -
2020-06-08
2 years
statse.webtrendslive.com
Entrust Certification Authority - L1K
2018-10-09 -
2020-10-09
2 years

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /^AmazonS3$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

20 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
index.html
/paamweb
Redirect Chain
  • https://connect.mheducation.com/class/r-333-fall-2019
  • https://connect.mheducation.com/paamweb/index.html
5 KB
2 KB
Document
General
Full URL
https://connect.mheducation.com/paamweb/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.106.211 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-233-106-211.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
e28fd4f1dffdec907023aa3f029b22a55ed661bdede37ca6cdd9a61e1e130e5f

Request headers

:method
GET
:authority
connect.mheducation.com
:scheme
https
:path
/paamweb/index.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1

Response headers

status
200
date
Wed, 11 Sep 2019 14:45:23 GMT
content-type
text/html; charset=UTF-8
content-length
1765
server
AmazonS3
x-amz-id-2
1l1f8BVnukUcQtoSipyO/EO+uLFA4gsWfuuJ4GZ3fZpEDwADd3FwTZn3WxVWQCnd4QWDLLto5GE=
x-amz-request-id
F297316A0CC09FE2
last-modified
Fri, 21 Jun 2019 10:26:53 GMT
etag
"070b346876739e43989fedce21380f2c"
content-encoding
gzip
expires
Thu, 01 Jan 1970 00:00:00 GMT
accept-ranges
bytes
access-control-allow-origin
*.mheducation.com

Redirect headers

status
302
date
Wed, 11 Sep 2019 14:45:23 GMT
content-type
text/html; charset=iso-8859-1
content-length
274
location
https://connect.mheducation.com/paamweb/index.html#/registration?accessUrl=r-333-fall-2019
server
Apache
Verified vendor.css
static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775
1 KB
841 B
Stylesheet
General
Full URL
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/vendor.css
Requested by
Host: connect.mheducation.com
URL: https://connect.mheducation.com/paamweb/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dfe5b0c5c4ea22159419e3066ccf99534359734205a02be932d2ea67924f33fb
Verified resource
slick-carousel/1.5.2/slick.min.css at cdnjs.com, project slick-carousel

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 05:37:23 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 10:26:55 GMT
server
AmazonS3
age
31380
etag
"37c43e187f0d6714a3262a720ccf9f0d"
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
status
200
cache-control
max-age=172800
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
467
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-id
T_URt5h1dhTzfL8u6R3q9rZJSRjSiCQBwkcpNv1EA40KPQ9-r_y4og==
connect.css
static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775
326 KB
50 KB
Stylesheet
General
Full URL
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.css
Requested by
Host: connect.mheducation.com
URL: https://connect.mheducation.com/paamweb/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7c2eba2bc4782a5ddce32f5dfe7eb71a0eea82b6dc71963ad50b237640e01429

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 06:02:24 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
age
31380
etag
"4becf08760aaf6588d514e5ceccc2c71"
x-cache
Hit from cloudfront
content-type
text/css; charset=UTF-8
status
200
cache-control
max-age=172800
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
51014
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-id
0qsvvHXPSyBAZ7OVGvGMtcUDM7YvbdDLxgl3MoS73MoDuDRLsT3S6A==
mhe-connect-logo.png
images-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/img
5 KB
5 KB
Image
General
Full URL
https://images-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/img/mhe-connect-logo.png
Requested by
Host: connect.mheducation.com
URL: https://connect.mheducation.com/paamweb/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.79 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-79.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cebf23a7ac5966ffebd31f2a2aa55cb3f206cda8df0cd4f6be1a11eb763765e3

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 05:37:23 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
age
31380
etag
"c779dd022afe19bfbfbc02ba4e4405f6"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=172800
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
5180
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-cf-id
Z3x5QrnNhKaisdb-ZKGHrJFJpq956C56sdLT2ehKFsSvYhGz0gJf-A==
toflow.js
newconnect.mheducation.com/flow/js
6 KB
3 KB
Script
General
Full URL
https://newconnect.mheducation.com/flow/js/toflow.js
Requested by
Host: connect.mheducation.com
URL: https://connect.mheducation.com/paamweb/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.234.10.238 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-18-234-10-238.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b7c68b8a2fec4321a2438ae8521c7c97b0c683895c9b479e31ec2add7c969ef6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:45:25 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 16:51:25 GMT
server
AmazonS3
x-amz-request-id
FF61E45375342A7A
etag
"da0a7bbaf41d945ba420ce1cd4d050b6-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=172800
accept-ranges
bytes
content-length
2132
x-amz-id-2
qKXPjURx1HPCDy1oFFcCdi4kWv6LPeaI1mGeEDeHcG8pnwTA5oThgdfqbcTo+gXozYXtT8y1hJI=
vendor.js
static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775
1 MB
311 KB
Script
General
Full URL
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/vendor.js
Requested by
Host: connect.mheducation.com
URL: https://connect.mheducation.com/paamweb/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5ba14f2bc4e8fec0cb770095d98d23ebc1112d37b7104ab3dec23144b67f50e8

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 05:37:23 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 10:26:55 GMT
server
AmazonS3
age
31380
etag
"cebbe805823d9a591639a2bc7be530a5"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=172800
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
317543
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-id
KRA9A5tppdG04pVPG4tfZ83F8D8Tmpnd0sFpNp86batKY7mWL6wfpA==
ProximaNova-Regular.ttf
static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts
254 KB
111 KB
Font
General
Full URL
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts/ProximaNova-Regular.ttf
Requested by
Host: connect.mheducation.com
URL: https://connect.mheducation.com/paamweb/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3c8b5077714a7ed1f297800828ac205f523b4c5e7213167f33b39b96d8f18ca2

Request headers

Sec-Fetch-Mode
cors
Referer
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.css
Origin
https://connect.mheducation.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 05:37:25 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
31381
x-cache
Hit from cloudfront
status
200
content-length
112853
access-control-allow-origin
https://connect.mheducation.com
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
etag
"b36424d84ec5862496a4bb68041c5ee0"
access-control-max-age
172800
access-control-allow-methods
GET, PUT, POST
content-type
font/ttf
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
WtyxtpbXG6G0MRrZyzWcJRcEbRojewUqOu20AozFCMU4b4kkXe2n_A==
connect.js
static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775
2 MB
296 KB
Script
General
Full URL
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.js
Requested by
Host: connect.mheducation.com
URL: https://connect.mheducation.com/paamweb/index.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e1111a835275831b577dc9db7b296d0964a06fd9b415c08e9c2b053611dfc26b

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 05:37:25 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
age
31382
etag
"3b5d37041422bfbd0028915dd01d6f96"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
status
200
cache-control
max-age=172800
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
301889
via
1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-id
-lcWkZXitDDjEnl2juziJlPZPZpNnyEBvsWPhuKCwOkQuPLfS94SLQ==
r-333-fall-2019?_=1568213125955
/openapi/paam/student/sectionRegistrationDetails
1 KB
705 B
XHR
General
Full URL
https://connect.mheducation.com/openapi/paam/student/sectionRegistrationDetails/r-333-fall-2019?_=1568213125955
Requested by
Host: static-cf.mheducation.com
URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.106.211 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-233-106-211.compute-1.amazonaws.com
Software
Apache /
Resource Hash
2ae372adc2a25dd43b8a7f335830287a8fd8fbbe80190e1d9d8ec458be9e71e9

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://connect.mheducation.com/paamweb/index.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Authorization
k
Sec-Fetch-Mode
cors

Response headers

status
200
date
Wed, 11 Sep 2019 14:45:26 GMT
content-encoding
gzip
server
Apache
access-control-allow-origin
*.mheducation.com
vary
Accept-Encoding
content-type
application/json
114716811?_=1568213125956
/openapi/common/paamenabled/sectionid
15 B
197 B
XHR
General
Full URL
https://connect.mheducation.com/openapi/common/paamenabled/sectionid/114716811?_=1568213125956
Requested by
Host: static-cf.mheducation.com
URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.106.211 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-233-106-211.compute-1.amazonaws.com
Software
Apache /
Resource Hash
b77536350fff83d2a19ae330524cbc676cee24c10569e9a93392ac9d32542af4

Request headers

Accept
*/*
Referer
https://connect.mheducation.com/paamweb/index.html
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

status
200
date
Wed, 11 Sep 2019 14:45:26 GMT
content-encoding
gzip
server
Apache
access-control-allow-origin
*.mheducation.com
vary
Accept-Encoding
content-type
application/json
Adblocked wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
statse.webtrendslive.com/dcs222ijh8rncfmczvsjwnu25_7w7w
201 B
320 B
Script
General
Full URL
https://statse.webtrendslive.com/dcs222ijh8rncfmczvsjwnu25_7w7w/wtid.js?callback=Webtrends.dcss.dcsobj_0.dcsGetIdCallback
Requested by
Host: static-cf.mheducation.com
URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/vendor.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.51.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-121-51-57.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
2a0009b0640dec12ab5e6a8b83fc330587d9de0032e46d4b83978049262d9580
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 14:45:25 GMT
server
Microsoft-IIS/10.0
content-type
application/x-javascript
status
200
cache-control
no-cache
content-length
201
expires
-1
connect-logo.png
images-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/img
7 KB
7 KB
Image
General
Full URL
https://images-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/img/connect-logo.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.79 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-79.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
22a54615983779d483ae75d64f6f8384687a90615dece3964a128c54287433d1

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Sep 2019 07:39:36 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
age
111951
etag
"ec610b38d2b68b1765e3bf8e5525a6b8"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=172800
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
6619
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-cf-id
yyLU9YbQcVeV807GfNeSFu_xDBty_wi1JWtjEIcMy49jG20042PNqA==
instructor_icon.png
images-cf.mheducation.com/connect/prod/paamweb/us-east-1b/img
6 KB
6 KB
Image
General
Full URL
https://images-cf.mheducation.com/connect/prod/paamweb/us-east-1b/img/instructor_icon.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.79 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-79.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4583fada98bd2fa60a2cef6eb30d537a89626c66874a30a962b0681581e80d61

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 10 Sep 2019 07:39:36 GMT
content-encoding
gzip
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
age
111951
etag
"22d63013dee8b2392bc11c69c3f3071e"
x-cache
Hit from cloudfront
content-type
image/png
status
200
cache-control
max-age=172800
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-length
5767
via
1.1 ab39b007ab81966ada6e7fb1536bf377.cloudfront.net (CloudFront)
x-amz-cf-id
fkqu_hzIXmfmRK-RmgyfdCudR7J9NKIHm3leEYvbrV3CqmP05ciE7A==
generic_cover.jpg
/sites/dl/free/1259270106/title
21 KB
21 KB
Image
General
Full URL
https://connect.mheducation.com/sites/dl/free/1259270106/title/generic_cover.jpg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.106.211 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-233-106-211.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
6dcc91dff2d8d74e9bb91152ebf7c94345d9b7a755dd25ec2b0bf83bc67e05f6

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:45:26 GMT
last-modified
Mon, 03 Dec 2018 16:47:54 GMT
server
AmazonS3
x-amz-request-id
44382E8D1BA3AE31
etag
"ee56ecd657255b2a64ca6a0e9c1e7366"
content-type
image/jpeg
status
200
accept-ranges
bytes
access-control-allow-origin
*.mheducation.com
content-length
21609
x-amz-id-2
ufi4q2m6KGbuUUkPjUQGYwH0SHQQQe40sU/p5kjQXW9ZjpfRj3YJzktYfPbMoM89EaKFUXGAekA=
ProximaNova-RegularIt.ttf
static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts
246 KB
108 KB
Font
General
Full URL
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts/ProximaNova-RegularIt.ttf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c64e03a6af49571e6e88fe299bf2611aa23639da8f16d8726a33aa1baebe1716

Request headers

Sec-Fetch-Mode
cors
Referer
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.css
Origin
https://connect.mheducation.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 05:37:26 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
31381
x-cache
Hit from cloudfront
status
200
content-length
109865
access-control-allow-origin
https://connect.mheducation.com
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
etag
"f4177edffbda11ecd3f9d1bff7361368"
access-control-max-age
172800
access-control-allow-methods
GET, PUT, POST
content-type
font/ttf
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
aQynwwv_XUuwtkQHT5Ed7Mo_2rcu3Ptf_krPRI3GHju19JxAaOBSgg==
connectIcons.ttf
/paamweb/v1775/fonts/fonticons
33 KB
21 KB
Font
General
Full URL
https://connect.mheducation.com/paamweb/v1775/fonts/fonticons/connectIcons.ttf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.233.106.211 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-233-106-211.compute-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
b961d96c51adb1cb1d46bd4cde25b5fefbf56036c531bdff59ba2ad5e7cb4086

Request headers

Sec-Fetch-Mode
cors
Referer
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.css
Origin
https://connect.mheducation.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 14:45:26 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-request-id
1A4CD1519FBB4F0D
status
200
content-length
20980
x-amz-id-2
TPHS/BU1rRXIFVHLofSyde93waANKRTMT/9ziYU+dD09Rp+LxmQ4GzO37LuiU9IUvEawsLtrfws=
last-modified
Fri, 21 Jun 2019 18:06:43 GMT
server
AmazonS3
etag
"81990488391bb76ea62ff1075f153773"
access-control-max-age
172800
access-control-allow-methods
GET, PUT, POST
content-type
font/ttf
access-control-allow-origin
*.mheducation.com
cache-control
max-age=172800
access-control-allow-credentials
true
accept-ranges
bytes
ProximaNovaSoft-regular-webfont.ttf
static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts
58 KB
31 KB
Font
General
Full URL
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts/ProximaNovaSoft-regular-webfont.ttf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9e4e1a071f713c1a9ec17541ec24da65222ff9bb83ea1bb3539910157c5e660d

Request headers

Sec-Fetch-Mode
cors
Referer
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.css
Origin
https://connect.mheducation.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 06:02:26 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
31381
x-cache
Hit from cloudfront
status
200
content-length
30913
access-control-allow-origin
https://connect.mheducation.com
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
etag
"a214197fcf4d1ad9f2a0de3d96882f32"
access-control-max-age
172800
access-control-allow-methods
GET, PUT, POST
content-type
font/ttf
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
MgwN4-bYntqZpvR2x038sazBhZwKmwvV6SlhQgN67-V2PEvfGS_1XA==
ProximaNovaSoft-bold-webfont.ttf
static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts
59 KB
31 KB
Font
General
Full URL
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts/ProximaNovaSoft-bold-webfont.ttf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0707289de07edbeb71f3f9212b165298a5309a163754836f5c282932d4271e8

Request headers

Sec-Fetch-Mode
cors
Referer
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.css
Origin
https://connect.mheducation.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 05:37:35 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
31381
x-cache
Hit from cloudfront
status
200
content-length
31415
access-control-allow-origin
https://connect.mheducation.com
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
etag
"4c0a0c78d0019b1b5b035cced6934eb1"
access-control-max-age
172800
access-control-allow-methods
GET, PUT, POST
content-type
font/ttf
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
3s2p1tz2HWk8JvKgsyaA4jTDbynDUxsA69up3bKMRSPHmDYUMUV9RQ==
ProximaNova-Semibold.ttf
static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts
247 KB
110 KB
Font
General
Full URL
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/fonts/ProximaNova-Semibold.ttf
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
143.204.214.15 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
server-143-204-214-15.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
674b04e1fa86cafb5ee29d7d3f9551cf359a102dcfb1b3a40a392235ddc30d1f

Request headers

Sec-Fetch-Mode
cors
Referer
https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.css
Origin
https://connect.mheducation.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Mon, 09 Sep 2019 05:37:30 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
31381
x-cache
Hit from cloudfront
status
200
content-length
112246
access-control-allow-origin
https://connect.mheducation.com
last-modified
Fri, 21 Jun 2019 10:26:54 GMT
server
AmazonS3
etag
"c2a02991a012586618d6795699d2b180"
access-control-max-age
172800
access-control-allow-methods
GET, PUT, POST
content-type
font/ttf
via
1.1 befe3b8553d90339ecf78e5d7cefa60b.cloudfront.net (CloudFront)
cache-control
max-age=172800
access-control-allow-credentials
true
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
x-amz-cf-id
ePlVujima7MFOm8MdUc4kPsl6AqXrkMchjG1NF3RjQIyu8zByufBKg==
Adblocked r-333-fall-2019&WT.tz=2&WT.bh=16&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4....
statse.webtrendslive.com/dcs222ijh8rncfmczvsjwnu25_7w7w/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1568213126679&dcssip=connect.mheducation.com&dcsuri=/registration/signup
Redirect Chain
  • https://statse.webtrendslive.com/dcs222ijh8rncfmczvsjwnu25_7w7w/dcs.gif?&dcsdat=1568213126679&dcssip=connect.mheducation.com&dcsuri=/registration/signup/r-333-fall-2019&WT.tz=2&WT.bh=16&WT.ul=en-US...
  • https://statse.webtrendslive.com/dcs222ijh8rncfmczvsjwnu25_7w7w/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1568213126679&dcssip=connect.mheducation.com&dcsuri=/registration/signup/r-333-fall-...
67 B
254 B
Image
General
Full URL
https://statse.webtrendslive.com/dcs222ijh8rncfmczvsjwnu25_7w7w/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1568213126679&dcssip=connect.mheducation.com&dcsuri=/registration/signup/r-333-fall-2019&WT.tz=2&WT.bh=16&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.1&WT.dl=0&WT.ssl=1&WT.es=connect.mheducation.com%252Fpaamweb%252Findex.html&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1568213126676&WT.vtid=55b0d61b-66f4-4f81-87e7-603634fbbd04&WT.co_f=55b0d61b-66f4-4f81-87e7-603634fbbd04&WT.ti=Sign%2520Up&WT.a_nm=web&WT.av=unknown&WT.cg_n=Sign%2520Up&w_paam_tag=PAAM_B_20190607_1775&w_source=Connect&WT.dep=w_paam_tag%253Bw_source
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
3.121.51.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-121-51-57.eu-central-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 /
Resource Hash
09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://connect.mheducation.com/paamweb/index.html
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 14:45:25 GMT
server
Microsoft-IIS/10.0
p3p
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"
status
200
cache-control
no-cache
content-type
image/gif
content-length
67
expires
-1

Redirect headers

status
303
date
Wed, 11 Sep 2019 14:45:25 GMT
server
Microsoft-IIS/10.0
content-length
0
location
/dcs222ijh8rncfmczvsjwnu25_7w7w/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1568213126679&dcssip=connect.mheducation.com&dcsuri=/registration/signup/r-333-fall-2019&WT.tz=2&WT.bh=16&WT.ul=en-US&WT.cd=24&WT.sr=1600x1200&WT.jo=No&WT.js=Yes&WT.jv=1.5&WT.ct=unknown&WT.bs=1600x1200&WT.fv=Not%2520enabled&WT.slv=Not%2520enabled&WT.le=UTF-8&WT.tv=10.4.1&WT.dl=0&WT.ssl=1&WT.es=connect.mheducation.com%252Fpaamweb%252Findex.html&WT.ce=2&WT.vt_f_tlv=0&WT.vt_f_tlh=0&WT.vt_f_d=1&WT.vt_f_s=1&WT.vt_f_a=1&WT.vt_f=1&WT.vtvs=1568213126676&WT.vtid=55b0d61b-66f4-4f81-87e7-603634fbbd04&WT.co_f=55b0d61b-66f4-4f81-87e7-603634fbbd04&WT.ti=Sign%2520Up&WT.a_nm=web&WT.av=unknown&WT.cg_n=Sign%2520Up&w_paam_tag=PAAM_B_20190607_1775&w_source=Connect&WT.dep=w_paam_tag%253Bw_source
p3p
CP="NOI DSP COR NID ADM DEV PSA OUR IND UNI PUR COM NAV INT STA"

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://connect.mheducation.com/class/r-333-fall-2019
  • https://connect.mheducation.com/paamweb/index.html
Request 19
  • https://statse.webtrendslive.com/dcs222ijh8rncfmczvsjwnu25_7w7w/dcs.gif?&dcsdat=1568213126679&dcssip=connect.mheducation.com&dcsuri=/registration/signup/r-333-fall-2019&WT.tz=2&WT.bh=16&WT.ul=en-US...
  • https://statse.webtrendslive.com/dcs222ijh8rncfmczvsjwnu25_7w7w/dcs.gif?dcsredirect=126&dcstlh=0&dcstlv=0&dcsdat=1568213126679&dcssip=connect.mheducation.com&dcsuri=/registration/signup/r-333-fall-...

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| getURLParameter boolean| is_cross_domain object| callflowBuffer function| callflow function| pushCallflowBuffer function| define_cross_domain_once function| callflow_ios_native function| callflow_winapp function| is_flow_ios_native function| is_flow_qt function| is_flow_android function| is_flow_winapp function| callflow_platform function| is_flow_crossdomain function| postToFlow function| isInstructorPreview function| isMheDomain function| openVideo function| registerLinkHandler function| receiveMessageTest number| toFlowInterval function| hex_sha1 function| b64_sha1 function| str_sha1 function| hex_hmac_sha1 function| b64_hmac_sha1 function| str_hmac_sha1 function| sha1_vm_test function| core_sha1 function| sha1_ft function| sha1_kt function| core_hmac_sha1 function| safe_add function| rol function| str2binb function| binb2str function| binb2hex function| binb2b64 boolean| runningTests object| loader function| define function| requireModule function| require function| requirejs number| hexcase string| b64pad number| chrsz object| OAuth object| EmberENV function| moment object| core object| __core-js_shared__ function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| $ function| jQuery object| Handlebars object| Ember object| Em object| DS function| Mousetrap function| Hammer function| dcsMultiTrack object| Webtrends object| WebTrends object| jstz function| loadScript

0 Cookies

7 Console Messages

Source Level URL
Text
console-api log URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.js, Line 64, Column7001
Message:
listenToContainer
console-api info URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.js, Line 1, Column24535
Message:
flow initializer : Before if checks #/registration?accessUrl=r-333-fall-2019
console-api info URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.js, Line 1, Column24814
Message:
flow initializer : check 1
console-api error URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.js, Line 62, Column29172
Message:
Error loading cordova
console-api log URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.js, Line 2, Column1015
Message:
%cJOURNEY :: %s :: %s
console-api info URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.js, Line 2, Column1799
Message:
journey/reporters/webtrends: Initializing Webtrends version 10.4.1, dcsid is 'dcs222ijh8rncfmczvsjwnu25_7w7w'
console-api info URL: https://static-cf.mheducation.com/connect/prod/paamweb/us-east-1b/v1775/connect.js, Line 33, Column19860
Message:
Classic Connect ::

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

connect.mheducation.com
images-cf.mheducation.com
newconnect.mheducation.com
static-cf.mheducation.com
statse.webtrendslive.com


143.204.214.15
143.204.214.79
18.234.10.238
3.121.51.57
34.233.106.211

09d46019c7a75b96187202c3c8412182f27c413a9c3661857923dc8e94e91b7b
22a54615983779d483ae75d64f6f8384687a90615dece3964a128c54287433d1
2a0009b0640dec12ab5e6a8b83fc330587d9de0032e46d4b83978049262d9580
2ae372adc2a25dd43b8a7f335830287a8fd8fbbe80190e1d9d8ec458be9e71e9
3c8b5077714a7ed1f297800828ac205f523b4c5e7213167f33b39b96d8f18ca2
4583fada98bd2fa60a2cef6eb30d537a89626c66874a30a962b0681581e80d61
5ba14f2bc4e8fec0cb770095d98d23ebc1112d37b7104ab3dec23144b67f50e8
674b04e1fa86cafb5ee29d7d3f9551cf359a102dcfb1b3a40a392235ddc30d1f
6dcc91dff2d8d74e9bb91152ebf7c94345d9b7a755dd25ec2b0bf83bc67e05f6
7c2eba2bc4782a5ddce32f5dfe7eb71a0eea82b6dc71963ad50b237640e01429
9e4e1a071f713c1a9ec17541ec24da65222ff9bb83ea1bb3539910157c5e660d
a0707289de07edbeb71f3f9212b165298a5309a163754836f5c282932d4271e8
b77536350fff83d2a19ae330524cbc676cee24c10569e9a93392ac9d32542af4
b7c68b8a2fec4321a2438ae8521c7c97b0c683895c9b479e31ec2add7c969ef6
b961d96c51adb1cb1d46bd4cde25b5fefbf56036c531bdff59ba2ad5e7cb4086
c64e03a6af49571e6e88fe299bf2611aa23639da8f16d8726a33aa1baebe1716
cebf23a7ac5966ffebd31f2a2aa55cb3f206cda8df0cd4f6be1a11eb763765e3
dfe5b0c5c4ea22159419e3066ccf99534359734205a02be932d2ea67924f33fb
e1111a835275831b577dc9db7b296d0964a06fd9b415c08e9c2b053611dfc26b
e28fd4f1dffdec907023aa3f029b22a55ed661bdede37ca6cdd9a61e1e130e5f