Submitted URL: http://email.patients.pgsurveying.com/?r=MTAwMQ0KMQ0KMTU3ODYyMDUzOA0KMTg5MDAwMDA wNDBlYmNmDQpodHRwczovL2VzdXJ2ZXkucHJlc3NnYW5leS5jb20vTGFuZGluZ1BhZ2UuYXNweD9waW4 9aDlmNWM0ZzliZDlwMmo0ag0KdHJ1ZQ0KRGF2aWQuSm9obnNvbjRAaGNhaGVhbHRoY2FyZS5jb20%3d
Effective URL: https://esurvey.pressganey.com/ValidationPage.aspx
Submission: On June 16 via manual from US

Summary

This website contacted 5 IPs in 1 countries across 6 domains to perform 19 HTTP transactions.
The main IP is 204.13.94.157, located in South Bend, United States and belongs to PRESSGANEY - PRESS GANEY ASSOCIATES INC, US. The main domain is esurvey.pressganey.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on June 8th 2018. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 74.119.200.10 18938 (PRESSGANEY)
1 15 204.13.94.157 18938 (PRESSGANEY)
1 172.217.16.202 15169 (GOOGLE)
2 172.217.18.168 15169 (GOOGLE)
1 151.101.114.110 54113 (FASTLY)
1 162.247.242.21 23467 (NEWRELIC-...)
19 5
Domain
Subdomains
Transfer
15 pressganey.com
145 KB
2 google-analytics.com
17 KB
2 pgsurveying.com
716 B
1 nr-data.net
260 B
1 newrelic.com
9 KB
1 ajax.googleapis.com
62 KB
19 6
Domain Requested by
15 esurvey.pressganey.com 1 redirects esurvey.pressganey.com
2 ssl.google-analytics.com esurvey.pressganey.com
2 email.patients.pgsurveying.com 2 redirects
1 bam.nr-data.net js-agent.newrelic.com
1 js-agent.newrelic.com esurvey.pressganey.com
1 ajax.googleapis.com esurvey.pressganey.com
19 6

This site contains links to these domains. Also see Links.

Domain
Subject / Issuer Validity Valid
esurvey.pressganey.com
Go Daddy Secure Certificate Authority - G2
2018-06-08 -
2019-06-08
a year

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
  • html /<input[^>]+name="__VIEWSTATE/i

Web
Overall confidence: 100%
Detected patterns
  • html /<input[^>]+name="__VIEWSTATE/i

Web
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
  • html /<input[^>]+name="__VIEWSTATE/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^NREUM/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
ValidationPage.aspx

Redirect Chain
  • http://email.patients.pgsurveying.com/?r=MTAwMQ0KMQ0KMTU3ODYyMDUzOA0KMTg5MDAwMDA%20wNDBlYmNmDQpodHRwczovL2VzdXJ2ZXkucHJlc3NnYW5leS5jb20vTGFuZGluZ1BhZ2UuYXNweD9waW4%209aDlmNWM0ZzliZDlwMmo0ag0KdHJ1ZQ...
  • https://email.patients.pgsurveying.com/?r=MTAwMQ0KMQ0KMTU3ODYyMDUzOA0KMTg5MDAwMDA%20wNDBlYmNmDQpodHRwczovL2VzdXJ2ZXkucHJlc3NnYW5leS5jb20vTGFuZGluZ1BhZ2UuYXNweD9waW4%209aDlmNWM0ZzliZDlwMmo0ag0KdHJ1Z...
  • https://esurvey.pressganey.com/LandingPage.aspx?pin=h9f5c4g9bd9p2j4j
  • https://esurvey.pressganey.com/ValidationPage.aspx
22 KB
22 KB
Document
General
Full URL
https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
6a6d8e62512b98a15d9c3a26a7db8fc0612fb6875c0b353a0f3f143e000c0515

Request headers

Host
esurvey.pressganey.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
87F7625BAE4783AE75A47954113879B3

Response headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Sat, 16 Jun 2018 22:31:14 GMT
Content-Length
22527

Redirect headers

Cache-Control
no-cache, no-store, must-revalidate
Pragma
no-cache
Content-Type
text/html; charset=utf-8
Expires
-1
Location
/ValidationPage.aspx
Server
Microsoft-IIS/7.5
Set-Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; path=/; HttpOnly ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418; expires=Sun, 17-Jun-2018 22:31:14 GMT; path=/
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Date
Sat, 16 Jun 2018 22:31:13 GMT
Content-Length
4971
jquery.js
ajax.googleapis.com/ajax/libs/jquery/1.5.2
214 KB
62 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.5.2/jquery.js
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
SPDY
Server
172.217.16.202 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f202.1e100.net
Software
sffe /
Resource Hash
e2107c8ecdb479c36d822d82bda2a8caf4429ab2d2cf9f20d5c931f75275403c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Mon, 12 Feb 2018 18:55:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10726563
status
200
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
63379
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 18:55:10 GMT
Global.css
/CSS
20 KB
4 KB
Stylesheet
General
Full URL
https://esurvey.pressganey.com/CSS/Global.css
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
178aba102d32a03ed7ddc640697e99634fa92c21786e5f33ad44f2ea2e331474

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Apr 2018 14:08:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0caecba8ce0d31:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
3806
GoogleAnalyticsSetup.js
/JavaScript
500 B
762 B
Script
General
Full URL
https://esurvey.pressganey.com/JavaScript/GoogleAnalyticsSetup.js
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
82a40f6635a6c92afe68147f73df1ef7aab72e2d8709b4c6b71510c078ac7745

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Last-Modified
Mon, 30 Apr 2018 14:08:37 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"806085bb8ce0d31:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
500
Core.Compressed.js
/JavaScript
9 KB
4 KB
Script
General
Full URL
https://esurvey.pressganey.com/JavaScript/Core.Compressed.js
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
cf06924425d7cfe23366fde0b2ebcb24c7a9c11f6935ff958d6f520a4ab4b248

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Apr 2018 14:08:37 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"806085bb8ce0d31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
3913
DefaultMaster.js
2 KB
2 KB
Script
General
Full URL
https://esurvey.pressganey.com/DefaultMaster.js
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
b6dbcba33b834907eb993bddfaa56f86fd801553b795a72eb76942688c493a01

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Last-Modified
Mon, 30 Apr 2018 14:08:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0caecba8ce0d31:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
2210
LanguageSelectionControl.js
/UserControls
2 KB
2 KB
Script
General
Full URL
https://esurvey.pressganey.com/UserControls/LanguageSelectionControl.js
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7f164f7cd0af9c509e030716775646db480a7dedd723fb71e75dc42b30133add

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Last-Modified
Mon, 30 Apr 2018 14:08:37 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"806085bb8ce0d31:0"
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1997
SessionInactivityWarningControl.js
/UserControls
4 KB
1 KB
Script
General
Full URL
https://esurvey.pressganey.com/UserControls/SessionInactivityWarningControl.js
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
318c5291dac1210098533faba7ee03f93f2cface724b33f0d38aef17dc989d71

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Apr 2018 14:08:38 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0f71dbc8ce0d31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
946
ScriptResource.axd?d=yeSNAJTOPtPimTGCAo3Llf58sNPca_RNnXVu31lrgFqTXlQprf8NYfVDrbCYm-9Lk0ZBgLGmi_z9SU1zzytHP4hnnu2qb091hhkKJVVCJpYMyPeM0&t=23c9c237
357 KB
61 KB
Script
General
Full URL
https://esurvey.pressganey.com/ScriptResource.axd?d=yeSNAJTOPtPimTGCAo3Llf58sNPca_RNnXVu31lrgFqTXlQprf8NYfVDrbCYm-9Lk0ZBgLGmi_z9SU1zzytHP4hnnu2qb091hhkKJVVCJpYMyPeM0&t=23c9c237
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
2451cbc97f8f8738a787e931e25094e734515e9faf5c1c5d26f044e8f3127147

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:13 GMT
Content-Encoding
gzip
Last-Modified
Sat, 16 Jun 2018 07:16:21 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
61898
Expires
Sun, 16 Jun 2019 07:16:21 GMT
ValidationPage.aspx?_TSM_HiddenField_=ctl00_ScriptManager_HiddenField&_TSM_CombinedScripts_=%3b%3bAjaxControlToolkit%2c+Version%3d4.1.7.123%2c+Culture%3dneutral%2c+PublicKeyToken%3d28f01b0e84b6d53e...
131 KB
29 KB
Script
General
Full URL
https://esurvey.pressganey.com/ValidationPage.aspx?_TSM_HiddenField_=ctl00_ScriptManager_HiddenField&_TSM_CombinedScripts_=%3b%3bAjaxControlToolkit%2c+Version%3d4.1.7.123%2c+Culture%3dneutral%2c+PublicKeyToken%3d28f01b0e84b6d53e%3aen-US%3a44981e4a-f654-4c69-b806-cb922fc13d56%3a475a4ef5%3aeffe2a26%3a751cdd15%3a5546a2b%3adfad98a5%3ad2e10b12%3a37e2e5c9%3a497ef277%3aa43b07eb%3a1d3ed089%3a3cf12cf1
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
fa5e14334950a3ee8f309c29e514d15b159ecebb2a8ba9dd5079ff5d50c32e23

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:13 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Apr 2018 14:08:38 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
28918
Expires
Sun, 16 Jun 2019 22:31:14 GMT
AutoSaveService.UnCompressed.js
/JavaScript
14 KB
2 KB
Script
General
Full URL
https://esurvey.pressganey.com/JavaScript/AutoSaveService.UnCompressed.js
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
50dd5df9d39a9c2b909afeafb368d62e223511b65b821459d7f460b1b8bbabce

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
*/*
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Content-Encoding
gzip
Last-Modified
Mon, 30 Apr 2018 14:08:37 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"806085bb8ce0d31:0"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Accept-Ranges
bytes
Content-Length
1376
GetFile.ashx?FileID=47877
15 KB
15 KB
Image
General
Full URL
https://esurvey.pressganey.com/GetFile.ashx?FileID=47877
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
d6cba6e50b468b1b28cc5722f1b6f3256e0f94c69d09b969bed5804c351b889a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418; __utma=216549890.219028371.1529188274.1529188274.1529188274.1; __utmc=216549890; __utmz=216549890.1529188274.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=216549890.1.10.1529188274
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
application/x-unknown
Cache-Control
private
Content-disposition
filename="47877.jpg"
Content-Length
14915
ga.js
ssl.google-analytics.com
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/JavaScript/GoogleAnalyticsSetup.js
Protocol
SPDY
Server
172.217.18.168 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3631
date
Sat, 16 Jun 2018 21:30:43 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
17168
expires
Sat, 16 Jun 2018 23:30:43 GMT
bg.jpg
/images
464 B
711 B
Image
General
Full URL
https://esurvey.pressganey.com/images/bg.jpg
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
7f09203a9f0d25d9f242da61861fdb67dfd284eedba9798d72b8ceb60efc48f6

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://esurvey.pressganey.com/CSS/Global.css
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/CSS/Global.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Last-Modified
Mon, 30 Apr 2018 14:08:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0caecba8ce0d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
464
Adblocked __utm.gif?utmwv=5.7.2&utms=1&utmn=1546285073&utmhn=esurvey.pressganey.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1472248824&utmr=-&utmp=%2FValid...
ssl.google-analytics.com/r
35 B
199 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1546285073&utmhn=esurvey.pressganey.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmhid=1472248824&utmr=-&utmp=%2FValidationPage.aspx&utmht=1529188274223&utmac=UA-40055183-1&utmcc=__utma%3D216549890.219028371.1529188274.1529188274.1529188274.1%3B%2B__utmz%3D216549890.1529188274.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1102297390&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
SPDY
Server
172.217.18.168 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s29-in-f8.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 16 Jun 2018 22:31:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
footerbg2.jpg
/images
373 B
620 B
Image
General
Full URL
https://esurvey.pressganey.com/images/footerbg2.jpg
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
774a84ab210c8250d62d92667656ada43b9a6a1551a3666c4aea7a9da5dedb7e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://esurvey.pressganey.com/CSS/Global.css
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418; __utma=216549890.219028371.1529188274.1529188274.1529188274.1; __utmc=216549890; __utmz=216549890.1529188274.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=216549890.1.10.1529188274
Connection
keep-alive
Cache-Control
no-cache
Referer
https://esurvey.pressganey.com/CSS/Global.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Last-Modified
Mon, 30 Apr 2018 14:08:36 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
ASP.NET
ETag
"0caecba8ce0d31:0"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
373
SetTimeZoneOffset
/Services/AutoSaveService.svc
10 B
236 B
XHR
General
Full URL
https://esurvey.pressganey.com/Services/AutoSaveService.svc/SetTimeZoneOffset
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ScriptResource.axd?d=yeSNAJTOPtPimTGCAo3Llf58sNPca_RNnXVu31lrgFqTXlQprf8NYfVDrbCYm-9Lk0ZBgLGmi_z9SU1zzytHP4hnnu2qb091hhkKJVVCJpYMyPeM0&t=23c9c237
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
204.13.94.157 South Bend, United States, ASN18938 (PRESSGANEY - PRESS GANEY ASSOCIATES INC, US),
Reverse DNS
Software
Microsoft-IIS/7.5 / ASP.NET
Resource Hash
780e1b18e0904b2686e7e68ae54ea50056ef4e5667be2a918485704234516280

Request headers

Pragma
no-cache
Origin
https://esurvey.pressganey.com
Accept-Encoding
gzip, deflate
Host
esurvey.pressganey.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/json; charset=UTF-8
Accept
*/*
Cache-Control
no-cache
X-Requested-With
XMLHttpRequest
Cookie
ASP.NET_SessionId=cspfotb3rioq5z5vw14qogya; ElectronicSurveyCookie=CookieToken=fcbfe069-7b48-4628-82c5-335786a96418; __utma=216549890.219028371.1529188274.1529188274.1529188274.1; __utmc=216549890; __utmz=216549890.1529188274.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=216549890.1.10.1529188274
Connection
keep-alive
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Content-Length
20
Referer
https://esurvey.pressganey.com/ValidationPage.aspx
Origin
https://esurvey.pressganey.com
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

Date
Sat, 16 Jun 2018 22:31:14 GMT
Cache-Control
private
Server
Microsoft-IIS/7.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Length
10
Content-Type
application/json; charset=utf-8
Adblocked nr-1071.min.js
js-agent.newrelic.com
23 KB
9 KB
Script
General
Full URL
https://js-agent.newrelic.com/nr-1071.min.js
Requested by
Host: esurvey.pressganey.com
URL: https://esurvey.pressganey.com/ValidationPage.aspx
Protocol
SPDY
Server
151.101.114.110 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date
Sat, 16 Jun 2018 22:31:14 GMT
content-encoding
gzip
x-amz-request-id
4FA97F9146AC1E0C
x-cache
HIT
status
200
content-length
9086
x-amz-id-2
2u+ePBLq0i+86Rc6Ty4s1JjLllOr+DvppPFIKi56RBFSrYzKnBNjQJjsdHXpgMCr0P5LWmRHmOY=
x-served-by
cache-hhn1540-HHN
last-modified
Wed, 28 Feb 2018 23:33:31 GMT
server
AmazonS3
x-timer
S1529188275.804036,VS0,VE0
etag
"a1a545c95f313a230157b47dca555c25"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
59457
Adblocked ValidationPage.aspx&ap=152&be=1563&fe=2391&dc=2293&perf=%7B%22timing%22:%7B%22of%22:1529188272408,%22n%22:0,%22f%22:1558,%22dn%22:1558,%22dne%22:1558,%22c%22:1558,%22ce%22:1558,%22rq%22:1295,%22rp%...
bam.nr-data.net/1/ffe7434455?a=31599772&v=1071.385e752&to=NldWZ0JWWkdQW0QPCQ8ddWBgGEJVXVFUBxIIXVpDUVBRGlBLQB4%3D&rst=2403&ref=https://esurvey.pressganey.com
57 B
260 B
Script
General
Full URL
https://bam.nr-data.net/1/ffe7434455?a=31599772&v=1071.385e752&to=NldWZ0JWWkdQW0QPCQ8ddWBgGEJVXVFUBxIIXVpDUVBRGlBLQB4%3D&rst=2403&ref=https://esurvey.pressganey.com/ValidationPage.aspx&ap=152&be=1563&fe=2391&dc=2293&perf=%7B%22timing%22:%7B%22of%22:1529188272408,%22n%22:0,%22f%22:1558,%22dn%22:1558,%22dne%22:1558,%22c%22:1558,%22ce%22:1558,%22rq%22:1295,%22rp%22:1556,%22rpe%22:1662,%22dl%22:1558,%22di%22:2293,%22ds%22:2293,%22de%22:2301,%22dc%22:2391,%22l%22:2391,%22le%22:2391%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by
Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1071.min.js
Protocol
HTTP/1.1
Server
162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1 - New Relic, US),
Reverse DNS
bam-9.nr-data.net
Software
/
Resource Hash
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://esurvey.pressganey.com/ValidationPage.aspx
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Length
57
Content-Type
text/javascript;charset=ISO-8859-1

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://email.patients.pgsurveying.com/?r=MTAwMQ0KMQ0KMTU3ODYyMDUzOA0KMTg5MDAwMDA%20wNDBlYmNmDQpodHRwczovL2VzdXJ2ZXkucHJlc3NnYW5leS5jb20vTGFuZGluZ1BhZ2UuYXNweD9waW4%209aDlmNWM0ZzliZDlwMmo0ag0KdHJ1ZQ...
  • https://email.patients.pgsurveying.com/?r=MTAwMQ0KMQ0KMTU3ODYyMDUzOA0KMTg5MDAwMDA%20wNDBlYmNmDQpodHRwczovL2VzdXJ2ZXkucHJlc3NnYW5leS5jb20vTGFuZGluZ1BhZ2UuYXNweD9waW4%209aDlmNWM0ZzliZDlwMmo0ag0KdHJ1Z...
  • https://esurvey.pressganey.com/LandingPage.aspx?pin=h9f5c4g9bd9p2j4j
  • https://esurvey.pressganey.com/ValidationPage.aspx

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| NREUM object| newrelic function| __nr_require function| $ function| jQuery object| _gaq object| HTMLControls function| EventArgs function| TextBoxValueChangeEventArgs function| KeyCodeEventArgs function| BeforeWindowCloseEventArgs function| ValueChangeEventArgs function| PressGaney object| _gat object| gaGlobal function| DefaultMaster function| IsPageDirty function| SetPageDirty function| SetPageNotDirty function| $get function| $create function| $addHandler function| $addHandlers function| $clearHandlers object| Sys function| Type function| $removeHandler object| _events function| $find object| $common object| CommonToolkitScripts object| $AA function| gtc object| PressGaneyServices object| __ctl4 object| __ctl3 object| __ctl5 object| __ctl6 object| __ctl7 object| __ctl8 object| __ctl2

7 Cookies

Domain/Path Name / Value
.esurvey.pressganey.com/ Name: __utmb
Value: 216549890.1.10.1529188274
.esurvey.pressganey.com/ Name: __utmt
Value: 1
.esurvey.pressganey.com/ Name: __utmz
Value: 216549890.1529188274.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.esurvey.pressganey.com/ Name: __utmc
Value: 216549890
.esurvey.pressganey.com/ Name: __utma
Value: 216549890.219028371.1529188274.1529188274.1529188274.1
esurvey.pressganey.com/ Name: ElectronicSurveyCookie
Value: CookieToken=fcbfe069-7b48-4628-82c5-335786a96418
esurvey.pressganey.com/ Name: ASP.NET_SessionId
Value: cspfotb3rioq5z5vw14qogya

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

ajax.googleapis.com
bam.nr-data.net
email.patients.pgsurveying.com
esurvey.pressganey.com
js-agent.newrelic.com
ssl.google-analytics.com


151.101.114.110
162.247.242.21
172.217.16.202
172.217.18.168
204.13.94.157
74.119.200.10

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
178aba102d32a03ed7ddc640697e99634fa92c21786e5f33ad44f2ea2e331474
2451cbc97f8f8738a787e931e25094e734515e9faf5c1c5d26f044e8f3127147
318c5291dac1210098533faba7ee03f93f2cface724b33f0d38aef17dc989d71
50dd5df9d39a9c2b909afeafb368d62e223511b65b821459d7f460b1b8bbabce
56097e8b7ceb27db42a5e102af6d11dfdcaee13d8716477a8e242b4957d7a280
6a6d8e62512b98a15d9c3a26a7db8fc0612fb6875c0b353a0f3f143e000c0515
774a84ab210c8250d62d92667656ada43b9a6a1551a3666c4aea7a9da5dedb7e
780e1b18e0904b2686e7e68ae54ea50056ef4e5667be2a918485704234516280
7f09203a9f0d25d9f242da61861fdb67dfd284eedba9798d72b8ceb60efc48f6
7f164f7cd0af9c509e030716775646db480a7dedd723fb71e75dc42b30133add
82a40f6635a6c92afe68147f73df1ef7aab72e2d8709b4c6b71510c078ac7745
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
b6dbcba33b834907eb993bddfaa56f86fd801553b795a72eb76942688c493a01
cf06924425d7cfe23366fde0b2ebcb24c7a9c11f6935ff958d6f520a4ab4b248
d6cba6e50b468b1b28cc5722f1b6f3256e0f94c69d09b969bed5804c351b889a
e2107c8ecdb479c36d822d82bda2a8caf4429ab2d2cf9f20d5c931f75275403c
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23
fa5e14334950a3ee8f309c29e514d15b159ecebb2a8ba9dd5079ff5d50c32e23