urlscan.io logo urlscan.io
SecurityTrails logo

cs2.helsinn.stage.healthwareinternational.com Open in urlscan Pro
37.206.177.147  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://cs2.helsinn.stage.healthwareinternational.com/
Effective URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Submission Tags: phishingrod
Submission: On June 19 via api from DE — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 22 HTTP transactions. The main IP is 37.206.177.147, located in Pietrasanta, Italy and belongs to ASN-IBSNAZ, IT. The main domain is cs2.helsinn.stage.healthwareinternational.com.
TLS certificate: Issued by R11 on June 19th 2024. Valid for: 3 months.
This is the only time cs2.helsinn.stage.healthwareinternational.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 21 37.206.177.147 3269 (ASN-IBSNAZ)
2 2a00:1450:400... 15169 (GOOGLE)
22 2
Apex Domain
Subdomains		 Transfer
21 healthwareinternational.com
cs2.helsinn.stage.healthwareinternational.com
2 MB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 745
17 KB
22 2
Domain Requested by
21 cs2.helsinn.stage.healthwareinternational.com 1 redirects cs2.helsinn.stage.healthwareinternational.com
2 ssl.google-analytics.com cs2.helsinn.stage.healthwareinternational.com
22 2

This site contains no links.

Subject Issuer Validity Valid
cs2.helsinn.stage.healthwareinternational.com
R11		 2024-06-19 -
2024-09-17		 3 months crt.sh
*.google-analytics.com
WR2		 2024-06-03 -
2024-08-26		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Frame ID: 4F07D7A05D2ED18596F0792E8CD84DC9
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Home Page | Clinical Studies Portal

Page URL History Show full URLs

  1. https://cs2.helsinn.stage.healthwareinternational.com/ HTTP 301
    https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <input[^>]+name="__VIEWSTATE
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui[.-]([\d.]*\d)[^/]*\.js
  • jquery-ui.*\.js

Page Statistics

22
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

2
Subdomains

2
IPs

2
Countries

1783 kB
Transfer

1972 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://cs2.helsinn.stage.healthwareinternational.com/ HTTP 301
    https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request default.html
cs2.helsinn.stage.healthwareinternational.com/home-page/0/
Redirect Chain
  • https://cs2.helsinn.stage.healthwareinternational.com/
  • https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
aab1992725b7564240b9054dc1c565403c8cc3641c52857a63cf4e7c63beffc9

Request headers

Accept-Language
it-IT,it;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
3686
Content-Type
text/html; charset=utf-8
Date
Wed, 19 Jun 2024 08:44:04 GMT
Server
Vary
Accept-Encoding
X-AspNet-Version

Redirect headers

Cache-Control
private
Content-Length
0
Date
Wed, 19 Jun 2024 08:44:04 GMT
Location
/home-page/0/default.html
Server
X-AspNet-Version
jquery-1.9.0.min.js
cs2.helsinn.stage.healthwareinternational.com/Js/ 		109 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/Js/jquery-1.9.0.min.js
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
f139d3c2aa67550148a8145cdfc3f4b197f0a3610ba7de7bce6ef0f8322b7284

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Mon, 16 Mar 2015 10:04:52 GMT
Server
Accept-Ranges
bytes
ETag
"b3a028a5d05fd01:0"
Content-Length
111881
Content-Type
application/javascript
jquery-ui-1.9.2.custom.css
cs2.helsinn.stage.healthwareinternational.com/Js/css/smoothness/ 		31 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/Js/css/smoothness/jquery-ui-1.9.2.custom.css
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
4f87e8adfbbd7eb89a90d645371c67b54d87810ce105421b11f71c8cd6b1cac7

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Content-Encoding
gzip
Last-Modified
Tue, 23 Jul 2013 16:51:16 GMT
Server
ETag
"01abed8c487ce1:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
7713
jquery-ui-1.9.2.custom.min.js
cs2.helsinn.stage.healthwareinternational.com/Js/ 		232 KB
232 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/Js/jquery-ui-1.9.2.custom.min.js
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
f87153921ae6b43428f4cb607b862453667493c5cbf8eaded2c378c225e9a53f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Thu, 19 Dec 2013 15:11:18 GMT
Server
Accept-Ranges
bytes
ETag
"0af3491ccfcce1:0"
Content-Length
237802
Content-Type
application/javascript
Global.js
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_Js/ 		10 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_Js/Global.js
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
952b12097ffff18eae1ccc7644ac05da61944d29da678390da4f9dc2bccfd0a8

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Mon, 17 Oct 2016 08:53:14 GMT
Server
Accept-Ranges
bytes
ETag
"f55883e55328d21:0"
Content-Length
10507
Content-Type
application/javascript
jHp3LabelInside.js
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_Js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_Js/jHp3LabelInside.js
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
f0e5110737e843df8da2dbd1c0af0c007d1f6032f98090f730939bd4948910b5

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Mon, 17 Oct 2016 08:53:14 GMT
Server
Accept-Ranges
bytes
ETag
"56ba85e55328d21:0"
Content-Length
2156
Content-Type
application/javascript
style.css
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/ 		150 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/style.css
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
41e69228e43e87837a0f952907be74c72e46df108f05c40b160059da0e436fbf

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2016 08:53:14 GMT
Server
ETag
"94f780e55328d21:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
33125
jquery.json-2.4.min.js
cs2.helsinn.stage.healthwareinternational.com/Js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/Js/jquery.json-2.4.min.js
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
efd3d75a092dfa6769fc1fe434e50453e4fc105089f70d5706ba0a53aeeaf860

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Thu, 19 Dec 2013 15:11:18 GMT
Server
Accept-Ranges
bytes
ETag
"0af3491ccfcce1:0"
Content-Length
2259
Content-Type
application/javascript
jquery.tmpl.min.js
cs2.helsinn.stage.healthwareinternational.com/Js/ 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/Js/jquery.tmpl.min.js
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
dfee1fe127c3a828a6f88e3ef6e8d1d7f8a3750e6f9d9e24520992a2294696a6

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Thu, 19 Dec 2013 15:11:18 GMT
Server
Accept-Ranges
bytes
ETag
"0af3491ccfcce1:0"
Content-Length
6007
Content-Type
application/javascript
stylePrelog.css
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/stylePrelog.css
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
7a4f30ce98504863cf41c7aeed6c4e24ee94d3ce54f8b7f4d55bc0b19ecfbb9d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2016 08:53:14 GMT
Server
ETag
"94f780e55328d21:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
1134
ajax-loader-banner.gif
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/ajax-loader-banner.gif
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
3d9116ebe37aa2947ae6e7bcc4e08b66e55860851643a7d20beb87205bc99bda

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Mon, 17 Oct 2016 08:53:14 GMT
Server
Accept-Ranges
bytes
ETag
"187d8ae55328d21:0"
Content-Length
27431
Content-Type
image/gif
WebResource.axd
cs2.helsinn.stage.healthwareinternational.com/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/WebResource.axd?d=Av5YaCVwILmhzYWRRXUHsB1cMgRCYUqf1m2MEWBT4r0gRWuXlHfh2uB5B5yIufQ5aekDdZapmDFo-yVC6FC-un-oo93Ne2RUtxQ32bAxdrs1&t=638286137964787378
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Content-Encoding
gzip
Last-Modified
Sat, 26 Aug 2023 00:29:56 GMT
Server
X-AspNet-Version
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public
Content-Length
6007
Expires
Thu, 19 Jun 2025 08:44:05 GMT
print.css
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/ 		1 KB
943 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/print.css
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
5aada6e6b0fbd22a78a59eb366ebb99940a19b0a1a1ad0b43815c74e2d0d7ef4

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Content-Encoding
gzip
Last-Modified
Mon, 17 Oct 2016 08:53:14 GMT
Server
ETag
"33967ee55328d21:0"
Vary
Accept-Encoding
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
690
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 19 Jun 2024 07:54:57 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
2949
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17168
expires
Wed, 19 Jun 2024 09:54:57 GMT
texture_bg.png
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/ 		123 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/texture_bg.png
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
11fbc7bb7062e6bfa0466e0ec62c1c621c107a0d3216357e10c144fa8ad29998

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/style.css
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Mon, 17 Oct 2016 08:53:16 GMT
Server
Accept-Ranges
bytes
ETag
"e97897e65328d21:0"
Content-Length
123
Content-Type
image/png
bgPrelogin1.png
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/bgPrelogin1.png
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/stylePrelog.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
7c102f4b1a23aef3473d07e1536d3986e82fea86ad32048e088a96afa74ec83a

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/stylePrelog.css
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Mon, 17 Oct 2016 08:53:15 GMT
Server
Accept-Ranges
bytes
ETag
"1d90e2e55328d21:0"
Content-Length
1277504
Content-Type
image/png
logoPrelogNew2.png
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/logoPrelogNew2.png
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/stylePrelog.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
d54c84b05a859453baa8a9003bbaa84a15f9f805e24bd219ff9bfb72dfa84e5c

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/stylePrelog.css
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Mon, 17 Oct 2016 08:53:15 GMT
Server
Accept-Ranges
bytes
ETag
"d1575ee65328d21:0"
Content-Length
8595
Content-Type
image/png
privacy.svg
cs2.helsinn.stage.healthwareinternational.com/portal/_slice/ 		526 B
737 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/portal/_slice/privacy.svg
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
d1cbb802e4d76e86897375c7136b088e7f2bd4e42d096b52e543e21fcabe1ecd

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Wed, 14 Jul 2021 15:03:11 GMT
Server
Accept-Ranges
bytes
ETag
"e1931e5dc178d71:0"
Content-Length
526
Content-Type
image/svg+xml
signIn.png
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_slice/signIn.png
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/stylePrelog.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
c04b12ba404d5a335629f7fac52b9f31204266f20b46ad4fde61db982c9fb97e

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/stylePrelog.css
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Mon, 17 Oct 2016 08:53:16 GMT
Server
Accept-Ranges
bytes
ETag
"c65490e65328d21:0"
Content-Length
1282
Content-Type
image/png
fs_joey-regular-webfont.woff
cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/fs_joey-regular-webfont.woff
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/style.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
028a3a291306ea6ddbd06a72d6444dc2493c5759bc1e37b13faa27aa3280b739

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/ClinicalStudiesPortal/_css/style.css
Origin
https://cs2.helsinn.stage.healthwareinternational.com
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Mon, 17 Oct 2016 08:53:14 GMT
Server
Accept-Ranges
bytes
ETag
"33967ee55328d21:0"
Content-Length
29684
Content-Type
application/x-woff
__utm.gif
ssl.google-analytics.com/r/ 		35 B
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=257670515&utmhn=cs2.helsinn.stage.healthwareinternational.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=it-it&utmje=0&utmfl=-&utmdt=Home%20Page%20%7C%20Clinical%20Studies%20Portal&utmhid=1341339173&utmr=-&utmp=%2Fhome-page%2F0%2Fdefault.html&utmht=1718786646127&utmac=UA-48765145-1&utmcc=__utma%3D237289234.569516858.1718786646.1718786646.1718786646.1%3B%2B__utmz%3D237289234.1718786646.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2032315947&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~
Requested by
Host: cs2.helsinn.stage.healthwareinternational.com
URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 19 Jun 2024 08:44:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
favicon.ico
cs2.helsinn.stage.healthwareinternational.com/ 		34 KB
34 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cs2.helsinn.stage.healthwareinternational.com/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
37.206.177.147 Pietrasanta, Italy, ASN3269 (ASN-IBSNAZ, IT),
Reverse DNS
host-37-206-177-147.business.telecomitalia.it
Software
/
Resource Hash
b807ea9f3a5f1fb8d4146d3f8b3fd51822081d795776fc3078b82793e49c8037

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Accept-Language
it-IT,it;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

Date
Wed, 19 Jun 2024 08:44:05 GMT
Last-Modified
Thu, 07 Dec 2023 10:14:32 GMT
Server
Accept-Ranges
bytes
ETag
"b0c2e62bf628da1:0"
Content-Length
34494
Content-Type
image/x-icon

Verdicts & Comments Add Verdict or Comment

93 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage function| $ function| jQuery function| DP_jQuery_1718786645969 undefined| _dialog number| _actionCounter number| _tokenLinkOpType number| _usefulLink function| genericOpenView function| genericOpenViewWithParam function| OpenExternal function| isIdeviceApple function| openW function| emptyVideo function| bodyoverflowhidden function| bodyNoOverflow function| dialogClose function| CloseDialog function| dialogCloseAndReload function| blockHtmlForm function| RemoveTheHTMLFromTextBox function| bindExternalLinks function| Count function| getObject function| Trim function| bindAlertNotSave function| StudyStatusUpdate function| RemoveOnlyClinicalStudies object| theForm function| __doPostBack string| userName string| userPw string| tbUsername string| tbPassword string| txtpwd string| strUserStore function| clearLogin function| blurLogin function| clearPW function| blurPW function| Loading string| _idLangGlobal string| _ct string| _sa string| _st string| _th string| _pk string| curDomain string| linkEsclude object| _gaq function| WebForm_PostBackOptions function| WebForm_DoPostBackWithOptions object| __pendingCallbacks number| __synchronousCallBackIndex function| WebForm_DoCallback function| WebForm_CallbackComplete function| WebForm_ExecuteCallback function| WebForm_FillFirstAvailableSlot boolean| __nonMSDOMBrowser string| __theFormPostData object| __theFormPostCollection object| __callbackTextTypes function| WebForm_InitCallback function| WebForm_InitCallbackAddField function| WebForm_EncodeCallback object| __disabledControlArray function| WebForm_ReEnableControls function| WebForm_ReDisableControls function| WebForm_SimulateClick function| WebForm_FireDefaultButton function| WebForm_GetScrollX function| WebForm_GetScrollY function| WebForm_SaveScrollPositionSubmit function| WebForm_SaveScrollPositionOnSubmit function| WebForm_RestoreScrollPosition function| WebForm_TextBoxKeyHandler function| WebForm_TrimString function| WebForm_AppendToClassName function| WebForm_RemoveClassName function| WebForm_GetElementById function| WebForm_GetElementByTagName function| WebForm_GetElementsByTagName function| WebForm_GetElementDir function| WebForm_GetElementPosition function| WebForm_GetParentByTagName function| WebForm_SetElementHeight function| WebForm_SetElementWidth function| WebForm_SetElementX function| WebForm_SetElementY object| _gat object| gaGlobal

6 Cookies

Domain/Path Name / Value
cs2.helsinn.stage.healthwareinternational.com/ Name: HP3_USER
Value: dateCreation=2024-06-19 10:44:05&dateExpires=2024-06-19 16:04:05&idSession=c2c42db6-d672-4012-bd81-ab41f34b6cf9&IsCountryRouting=0&IsTrace=0&id=6CtBaje6O0fvPZ3LT3K%2bxA%3d%3d&title=&surname=IOsPupwBD%2fuWlGnLeVWSRw%3d%3d&name=IOsPupwBD%2fuWlGnLeVWSRw%3d%3d&profiles=&roles=&Travel.IdSite.Id=tjZM8ppkKyImKwR5nr6AvA%3d%3d&Travel.IdSite.Domain=&Travel.IdSite.Name=&Travel.IdLang.Id=kmviUvU4is8Hw6RzYDWDlA%3d%3d&Travel.IdLang.Code=J2jQAHAdVmax0VIWmojedA%3d%3d
.cs2.helsinn.stage.healthwareinternational.com/ Name: __utma
Value: 237289234.569516858.1718786646.1718786646.1718786646.1
.cs2.helsinn.stage.healthwareinternational.com/ Name: __utmc
Value: 237289234
.cs2.helsinn.stage.healthwareinternational.com/ Name: __utmz
Value: 237289234.1718786646.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.cs2.helsinn.stage.healthwareinternational.com/ Name: __utmt
Value: 1
.cs2.helsinn.stage.healthwareinternational.com/ Name: __utmb
Value: 237289234.1.10.1718786646

1 Console Messages

Source Level URL
Text
recommendation verbose URL: https://cs2.helsinn.stage.healthwareinternational.com/home-page/0/default.html
Message:
[DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cs2.helsinn.stage.healthwareinternational.com
ssl.google-analytics.com
2a00:1450:4001:812::2008
37.206.177.147
028a3a291306ea6ddbd06a72d6444dc2493c5759bc1e37b13faa27aa3280b739
11fbc7bb7062e6bfa0466e0ec62c1c621c107a0d3216357e10c144fa8ad29998
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
3d9116ebe37aa2947ae6e7bcc4e08b66e55860851643a7d20beb87205bc99bda
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
41e69228e43e87837a0f952907be74c72e46df108f05c40b160059da0e436fbf
4f87e8adfbbd7eb89a90d645371c67b54d87810ce105421b11f71c8cd6b1cac7
5aada6e6b0fbd22a78a59eb366ebb99940a19b0a1a1ad0b43815c74e2d0d7ef4
7a4f30ce98504863cf41c7aeed6c4e24ee94d3ce54f8b7f4d55bc0b19ecfbb9d
7c102f4b1a23aef3473d07e1536d3986e82fea86ad32048e088a96afa74ec83a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
952b12097ffff18eae1ccc7644ac05da61944d29da678390da4f9dc2bccfd0a8
aab1992725b7564240b9054dc1c565403c8cc3641c52857a63cf4e7c63beffc9
b807ea9f3a5f1fb8d4146d3f8b3fd51822081d795776fc3078b82793e49c8037
c04b12ba404d5a335629f7fac52b9f31204266f20b46ad4fde61db982c9fb97e
d1cbb802e4d76e86897375c7136b088e7f2bd4e42d096b52e543e21fcabe1ecd
d54c84b05a859453baa8a9003bbaa84a15f9f805e24bd219ff9bfb72dfa84e5c
dfee1fe127c3a828a6f88e3ef6e8d1d7f8a3750e6f9d9e24520992a2294696a6
efd3d75a092dfa6769fc1fe434e50453e4fc105089f70d5706ba0a53aeeaf860
f0e5110737e843df8da2dbd1c0af0c007d1f6032f98090f730939bd4948910b5
f139d3c2aa67550148a8145cdfc3f4b197f0a3610ba7de7bce6ef0f8322b7284
f87153921ae6b43428f4cb607b862453667493c5cbf8eaded2c378c225e9a53f