Submitted URL: https://u5610445.ct.sendgrid.net/ls/click?upn=7lnobmd1KMZTSL7l0Ztuxy3NRDM0mZx8-2BoYsq9H2MNqFufuicxlfWLTrdco-2FT91-2BM_FM_ch7qbPF7...
Effective URL: https://amgen.recruitmentrequests.com/login
Submission: On June 30 via manual from US

Summary

This website contacted 5 IPs in 2 countries across 6 domains to perform 24 HTTP transactions. The main IP is 70.32.90.12, located in Culver City, United States and belongs to GO-DADDY-COM-LLC, US. The main domain is amgen.recruitmentrequests.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 12th 2020. Valid for: 3 months.
This is the only time amgen.recruitmentrequests.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 167.89.118.35 11377 (SENDGRID)
1 13 70.32.90.12 398110 (GO-DADDY-...)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.139.128.8 20446 (HIGHWINDS3)
6 2606:2800:234... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
24 5
Domain Requested by
13 amgen.recruitmentrequests.com 1 redirects amgen.recruitmentrequests.com
6 fast.fonts.net amgen.recruitmentrequests.com
fast.fonts.net
2 kit-pro.fontawesome.com kit.fontawesome.com
2 www.google-analytics.com www.googletagmanager.com
amgen.recruitmentrequests.com
1 kit.fontawesome.com amgen.recruitmentrequests.com
1 www.googletagmanager.com amgen.recruitmentrequests.com
1 u5610445.ct.sendgrid.net 1 redirects
24 7

This site contains no links.

Subject Issuer Validity Valid
amgen.recruitmentrequests.com
Let's Encrypt Authority X3
2020-06-12 -
2020-09-10
3 months crt.sh
*.google-analytics.com
GTS CA 1O1
2020-06-10 -
2020-09-02
3 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA
2019-10-28 -
2020-12-23
a year crt.sh
s9.wac.edgecastcdn.net
DigiCert SHA2 Secure Server CA
2019-01-16 -
2021-02-03
2 years crt.sh

This page contains 1 frames:

Primary Page: https://amgen.recruitmentrequests.com/login
Frame ID: 828D8E14485EC54805C67EC51728950B
Requests: 24 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://u5610445.ct.sendgrid.net/ls/click?upn=7lnobmd1KMZTSL7l0Ztuxy3NRDM0mZx8-2BoYsq9H2MNqFufuicxlfWLTrdco-2... HTTP 302
    https://amgen.recruitmentrequests.com/ HTTP 302
    https://amgen.recruitmentrequests.com/login Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<script[^>]* src=[^>]+fontawesome(?:\.js)?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

24
Requests

100 %
HTTPS

50 %
IPv6

6
Domains

7
Subdomains

5
IPs

2
Countries

1679 kB
Transfer

4401 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://u5610445.ct.sendgrid.net/ls/click?upn=7lnobmd1KMZTSL7l0Ztuxy3NRDM0mZx8-2BoYsq9H2MNqFufuicxlfWLTrdco-2FT91-2BM_FM_ch7qbPF7Q8mwu-2FV66GeBFtU23s5TUHIS4sjEmm2zu4HaRNLpvc8PaWs5VRSI10EAer1vZKFlvcXb5Wr7sWBDTpCtv-2FEW4zY-2BksCQEBhlyq1El5oUOPA55rqLUsRH7cLGdNbfTMP89f4bb5sZnMHcFQZU3YrDlrYawkzHNp12fUX2PrKnlcyl5ru5jNQx1e8HolGT0CLPjCpkmGpkKVIQFv3TVPK-2FgSLIPgzgXZJ8Bi8-3D HTTP 302
    https://amgen.recruitmentrequests.com/ HTTP 302
    https://amgen.recruitmentrequests.com/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request login
amgen.recruitmentrequests.com/
Redirect Chain
  • https://u5610445.ct.sendgrid.net/ls/click?upn=7lnobmd1KMZTSL7l0Ztuxy3NRDM0mZx8-2BoYsq9H2MNqFufuicxlfWLTrdco-2FT91-2BM_FM_ch7qbPF7Q8mwu-2FV66GeBFtU23s5TUHIS4sjEmm2zu4HaRNLpvc8PaWs5VRSI10EAer1vZKFlvc...
  • https://amgen.recruitmentrequests.com/
  • https://amgen.recruitmentrequests.com/login
6 KB
2 KB
Document
General
Full URL
https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PHP/7.3.19 PleskLin
Resource Hash
eab28282f2388625b1beccad1080fc55d5750e745b079f612be246a4aefe0894

Request headers

:method
GET
:authority
amgen.recruitmentrequests.com
:scheme
https
:path
/login
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
XSRF-TOKEN=eyJpdiI6Ind6NGdXbi9hamJucUFnZ0ZwSXBZdkE9PSIsInZhbHVlIjoibU1SOTVTclpGUFdpWHMzTjVOcHV2VVErdXovTlZBK3Z0MnhnWXI4RnlSdytjclpCNm43UkpqNWJFd2lqN2U2TyIsIm1hYyI6IjhiZjA4ODNkOTI3N2ZkYzNjNTFkMmEyNTU2M2QxNWUwNjg3NDQ2OGIyOGE1ZGJhOTViYTA4MWE1ODBmMzIwOWMifQ%3D%3D; amgen_extranet_session=eyJpdiI6IklMV2k2aXFSR1hUUEUzZTl4cHQrdXc9PSIsInZhbHVlIjoiMWxpdGlORUxmRW11WHcxR3d3T1NVcGp4bS83S01NeHRST2RLMnNRcU9VK1pPdGxjVmliUFdrTlRaVEs3RVlZUyIsIm1hYyI6ImI0N2RkNmEzZTRkMmQzYTdhOGViZDJmYWRhZGEzMmM3ZGFjZmYzMjY5Y2Y4ZmEwZGYyOGEwMDUwMzYyYWRiNzYifQ%3D%3D
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 30 Jun 2020 02:43:19 GMT
content-type
text/html; charset=UTF-8
content-length
1565
x-powered-by
PHP/7.3.19 PleskLin
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
set-cookie
XSRF-TOKEN=eyJpdiI6Ikc0akY3T1liYTlZQ01XRnUwRStSdXc9PSIsInZhbHVlIjoiYmtYQmMxWXppSnJMSmczb3NzZmdkbml2bnp5dmdtUlB2WXpqVm1hVi9Cd1NBYUFTRjYxRGNJT3d0amFEekZ6NSIsIm1hYyI6ImY3ZWZiZTMwMDAyNjVlZjg0YmFlNzY4ZDAyYTg3ZjQ0MmE5MzI3YWQxNTg1YWViZThlZDMwNzNhMjJkMTU2YTYifQ%3D%3D; expires=Tue, 30-Jun-2020 04:43:19 GMT; Max-Age=7200; path=/ amgen_extranet_session=eyJpdiI6Ik04RFhvWk0zUVlGbmU0T3duVE5lUWc9PSIsInZhbHVlIjoieEVJU2lFZHFCekVFc0VPL2x4VXlkVWxPcjIvcEQvM3cwTUt1Y0RKd1U0d0NVZlJuak9OcWp0L2VHQk9kOXZOaSIsIm1hYyI6Ijk3NzdlODEyZjgzYjI2ODFmN2RiOWJjM2QwMzIzNDcwMTZkZGJlYjExNjg4NzkyZjU3YmE3ZjlmMjkxZDE3YTQifQ%3D%3D; expires=Tue, 30-Jun-2020 04:43:19 GMT; Max-Age=7200; path=/; httponly
vary
Accept-Encoding
content-encoding
gzip

Redirect headers

status
302
server
nginx
date
Tue, 30 Jun 2020 02:43:18 GMT
content-type
text/html; charset=UTF-8
content-length
208
x-powered-by
PHP/7.3.19 PleskLin
cache-control
private, must-revalidate
pragma
no-cache
expires
-1
set-cookie
XSRF-TOKEN=eyJpdiI6Ind6NGdXbi9hamJucUFnZ0ZwSXBZdkE9PSIsInZhbHVlIjoibU1SOTVTclpGUFdpWHMzTjVOcHV2VVErdXovTlZBK3Z0MnhnWXI4RnlSdytjclpCNm43UkpqNWJFd2lqN2U2TyIsIm1hYyI6IjhiZjA4ODNkOTI3N2ZkYzNjNTFkMmEyNTU2M2QxNWUwNjg3NDQ2OGIyOGE1ZGJhOTViYTA4MWE1ODBmMzIwOWMifQ%3D%3D; expires=Tue, 30-Jun-2020 04:43:18 GMT; Max-Age=7200; path=/ amgen_extranet_session=eyJpdiI6IklMV2k2aXFSR1hUUEUzZTl4cHQrdXc9PSIsInZhbHVlIjoiMWxpdGlORUxmRW11WHcxR3d3T1NVcGp4bS83S01NeHRST2RLMnNRcU9VK1pPdGxjVmliUFdrTlRaVEs3RVlZUyIsIm1hYyI6ImI0N2RkNmEzZTRkMmQzYTdhOGViZDJmYWRhZGEzMmM3ZGFjZmYzMjY5Y2Y4ZmEwZGYyOGEwMDUwMzYyYWRiNzYifQ%3D%3D; expires=Tue, 30-Jun-2020 04:43:18 GMT; Max-Age=7200; path=/; httponly
location
https://amgen.recruitmentrequests.com/login
vary
Accept-Encoding
content-encoding
gzip
js
www.googletagmanager.com/gtag/
84 KB
33 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-152945413-1
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2c0599464439ec9b3dd67d6a2d2d46f5c1d1ce7d4fa42515e176d66589e21982
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
br
vary
Accept-Encoding
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33710
x-xss-protection
0
last-modified
Tue, 30 Jun 2020 00:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 30 Jun 2020 02:43:19 GMT
7b73645675.js
kit.fontawesome.com/
4 KB
2 KB
Script
General
Full URL
https://kit.fontawesome.com/7b73645675.js
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
1f9609007e6342426977fbfa172a4a26a55287f2f11feb0fad8afd834030164c

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
last-modified
Wed, 03 Jul 2019 21:13:38 GMT
status
200
etag
"b203f0c531b9542d1323411795264322"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1593484999.cds043.pa1.hn,1593484999.cds024.pa1.sc,1593484999.cds024.pa1.p
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, private, must-revalidate
access-control-allow-methods
GET
accept-ranges
bytes
5b1bd4e6-f56d-4cfa-88b1-07daf3d39816.js
fast.fonts.net/jsapi/
7 KB
3 KB
Script
General
Full URL
https://fast.fonts.net/jsapi/5b1bd4e6-f56d-4cfa-88b1-07daf3d39816.js
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/4185) /
Resource Hash
894b696b5843c3c55a32634da7e60f66f7f562d8c4ec628f3e4b757864ecde82

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
last-modified
Wed, 17 Jun 2020 17:36:23 GMT
server
ECS (fcn/4185)
age
1065433
status
200
etag
"588348814+gzip"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
2855
expires
Tue, 07 Jul 2020 02:43:19 GMT
app.css
amgen.recruitmentrequests.com/css/
470 KB
75 KB
Stylesheet
General
Full URL
https://amgen.recruitmentrequests.com/css/app.css
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
8a25fced8f678e38b51a5c89a0ce83844ae782f29f712430b404ff9ddca05c42

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
etag
W/"5e8cae5b-75894"
last-modified
Tue, 07 Apr 2020 16:46:19 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 02:43:19 GMT
logo.svg
amgen.recruitmentrequests.com/images/
519 KB
520 KB
Image
General
Full URL
https://amgen.recruitmentrequests.com/images/logo.svg
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
6e085b9cd7b08de1c5e0414f59cbe40b3c143afbef7378d72f28b68c9a5e654c

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
etag
"5da77dd6-81dbd"
last-modified
Wed, 16 Oct 2019 20:30:14 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/svg+xml
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
531901
expires
Thu, 30 Jul 2020 02:43:19 GMT
logo-white.png
amgen.recruitmentrequests.com/images/
7 KB
8 KB
Image
General
Full URL
https://amgen.recruitmentrequests.com/images/logo-white.png
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
43b92c41c0aad66089134751ab4faa56cb0877cb80a77d6c5b7ad72421424a6b

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
etag
"5da77dd6-1d58"
last-modified
Wed, 16 Oct 2019 20:30:14 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/png
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
7512
expires
Thu, 30 Jul 2020 02:43:19 GMT
manifest.js
amgen.recruitmentrequests.com/js/
6 KB
2 KB
Script
General
Full URL
https://amgen.recruitmentrequests.com/js/manifest.js
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
bf0cc943afa0b52923b7acac778eb961f5c9d4765b7a942483f507602e62622d

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
etag
W/"5e57f00a-183b"
last-modified
Thu, 27 Feb 2020 16:36:26 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 02:43:19 GMT
vendor.js
amgen.recruitmentrequests.com/js/
2 MB
500 KB
Script
General
Full URL
https://amgen.recruitmentrequests.com/js/vendor.js
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
97afa861b91d54ed1dd25e13c9a9d92304d447b83dc60c93a71f20a272098ae0

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
etag
W/"5e57f00a-1c38d3"
last-modified
Thu, 27 Feb 2020 16:36:26 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 02:43:19 GMT
wysihtml.js
amgen.recruitmentrequests.com/js/
641 KB
168 KB
Script
General
Full URL
https://amgen.recruitmentrequests.com/js/wysihtml.js
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
315c9ec6ab6dd613d0048f81a8bf22e8bf87018d0dd98e1787e5982b4d2f1bec

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
etag
W/"5dd84f6d-a031b"
last-modified
Fri, 22 Nov 2019 21:13:17 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 02:43:19 GMT
wysihtml.toolbar.js
amgen.recruitmentrequests.com/js/
34 KB
8 KB
Script
General
Full URL
https://amgen.recruitmentrequests.com/js/wysihtml.toolbar.js
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
9f80ff2e0de04ac5959030d6fe43bb2c365e47b22cb6a35ebcdcd2681704f15e

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
etag
W/"5dd84f6d-89ba"
last-modified
Fri, 22 Nov 2019 21:13:17 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 02:43:19 GMT
advanced.js
amgen.recruitmentrequests.com/js/
18 KB
4 KB
Script
General
Full URL
https://amgen.recruitmentrequests.com/js/advanced.js
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
beee629874bf3de1d34434a486f513d5ff00df76fb6f143d691a7f4e6ad83d64

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
etag
W/"5dd84f6d-47fa"
last-modified
Fri, 22 Nov 2019 21:13:17 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 02:43:19 GMT
app.js
amgen.recruitmentrequests.com/js/
156 KB
46 KB
Script
General
Full URL
https://amgen.recruitmentrequests.com/js/app.js
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
cf6218991ac3b5cb482c82263896f7c0f8c1a592aee09be75bcc90f6e7f6e2d0

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
etag
W/"5e8cae5c-26f3e"
last-modified
Tue, 07 Apr 2020 16:46:20 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 02:43:19 GMT
foundation-datepicker.min.js
amgen.recruitmentrequests.com/js/
27 KB
8 KB
Script
General
Full URL
https://amgen.recruitmentrequests.com/js/foundation-datepicker.min.js
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
512452f7aaa3be22da7ec78f06226bb99d38b116e870bc22616b5c31cdc09147

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
etag
W/"5dbc8b90-6b1f"
last-modified
Fri, 01 Nov 2019 19:46:24 GMT
server
nginx
x-powered-by
PleskLin
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=2592000
expires
Thu, 30 Jul 2020 02:43:19 GMT
analytics.js
www.google-analytics.com/
45 KB
18 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-152945413-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 04 Jun 2020 23:38:14 GMT
server
Golfe2
age
221
date
Tue, 30 Jun 2020 02:39:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18469
expires
Tue, 30 Jun 2020 04:39:38 GMT
mt.js
fast.fonts.net/jsapi/core/
25 KB
9 KB
Script
General
Full URL
https://fast.fonts.net/jsapi/core/mt.js
Requested by
Host: fast.fonts.net
URL: https://fast.fonts.net/jsapi/5b1bd4e6-f56d-4cfa-88b1-07daf3d39816.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418B) /
Resource Hash
52f7bff0ccdd80dc36d123955c81195ea7173af8eb7c5be8a863e8e0ecfd5954

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
last-modified
Wed, 24 Apr 2019 06:54:19 GMT
server
ECS (fcn/418B)
age
1107948
status
200
etag
"3050505074"
vary
Accept-Encoding
x-cache
HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
9413
expires
Tue, 07 Jul 2020 02:43:19 GMT
pro-v4-shims.min.css
kit-pro.fontawesome.com/releases/latest/css/
26 KB
4 KB
Stylesheet
General
Full URL
https://kit-pro.fontawesome.com/releases/latest/css/pro-v4-shims.min.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7b73645675.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
49c4a1267ea4af47bb475f705ba36e0847ae383b85d75fd1e4ac4caee944b6fd

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Jun 2020 20:12:12 GMT
status
200
etag
"1592511132"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1593484999.cds043.pa1.hn,1593484999.cds047.pa1.c
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, private, must-revalidate
access-control-allow-methods
GET
accept-ranges
bytes
content-length
4384
pro.min.css
kit-pro.fontawesome.com/releases/latest/css/
305 KB
54 KB
Stylesheet
General
Full URL
https://kit-pro.fontawesome.com/releases/latest/css/pro.min.css
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/7b73645675.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.8 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
aac706ab338889e961d2544a88602b55f1f50686ab144aa6b131664846a0ff90

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
content-encoding
gzip
last-modified
Thu, 18 Jun 2020 20:12:20 GMT
status
200
etag
"1592511140"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-hw
1593484999.cds043.pa1.hn,1593484999.cds035.pa1.c
content-type
text/css
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, private, must-revalidate
access-control-allow-methods
GET
accept-ranges
bytes
content-length
55563
1.css
fast.fonts.net/t/
0
87 B
Stylesheet
General
Full URL
https://fast.fonts.net/t/1.css?apiType=js&projectid=5b1bd4e6-f56d-4cfa-88b1-07daf3d39816
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41AE) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
last-modified
Wed, 21 Feb 2018 12:55:22 GMT
server
ECS (fcn/41AE)
age
6447497
etag
"616070693"
status
200
x-cache
HIT
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
accept-ranges
bytes
content-length
0
expires
Tue, 07 Jul 2020 02:43:19 GMT
collect
www.google-analytics.com/r/
35 B
98 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j83&a=1161461154&t=pageview&_s=1&dl=https%3A%2F%2Famgen.recruitmentrequests.com%2Flogin&ul=en-us&de=UTF-8&dt=Amgen%20Extranet&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1839599694&gjid=675853057&cid=521522397.1593484999&tid=UA-152945413-1&_gid=190952206.1593484999&_r=1&gtm=2ou6h1&z=1352590133
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://amgen.recruitmentrequests.com/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Jun 2020 02:43:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
login.jpg
amgen.recruitmentrequests.com/images/hero/
165 KB
165 KB
Image
General
Full URL
https://amgen.recruitmentrequests.com/images/hero/login.jpg
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
70.32.90.12 Culver City, United States, ASN398110 (GO-DADDY-COM-LLC, US),
Reverse DNS
Software
nginx / PleskLin
Resource Hash
08402318064c30978aecea45abc758d900a1e5a1efb73772fb2702bcd35241de

Request headers

Referer
https://amgen.recruitmentrequests.com/css/app.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
etag
"5e67a3ab-2944e"
last-modified
Tue, 10 Mar 2020 14:26:51 GMT
server
nginx
x-powered-by
PleskLin
content-type
image/jpeg
status
200
cache-control
max-age=2592000
accept-ranges
bytes
content-length
169038
expires
Thu, 30 Jul 2020 02:43:19 GMT
eba438b3-9ab9-48ba-b1c5-610f83b38303.woff2
fast.fonts.net/dv2/14/
16 KB
16 KB
Font
General
Full URL
https://fast.fonts.net/dv2/14/eba438b3-9ab9-48ba-b1c5-610f83b38303.woff2?d44f19a684109620e4841571ae90e818e416d16650146eec36040b3150240d73392ca41abbbad40b03a081ad4af391f37b9719e0b8ce7e3997a0df7ed01187d59e60405d6dc4ec954d43ead1d827ef3549285118ec7426ab31ac2d8235cb97559f7c1df0c5b794fb43ebe56a266e6f48c2cd6c284514df2560f3880080451eb074c26df94df11050e4a2cf649186daf6d9d1c84c14a1abf4fd1e03d32c6497b424c8f3240decea3c76557dc9ad7657d97a561676e76f3772d5c3b07faf&projectId=5b1bd4e6-f56d-4cfa-88b1-07daf3d39816
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/418C) /
Resource Hash
1a7a9cac93c013eb29540881bcbd9d36cefbfff632941ebfd4814449caec964d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://amgen.recruitmentrequests.com/login
Origin
https://amgen.recruitmentrequests.com

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
last-modified
Thu, 04 Dec 2014 19:01:12 GMT
server
ECS (fcn/418C)
age
18998742
etag
"2061282182"
status
200
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
16144
expires
Mon, 28 Sep 2020 02:43:19 GMT
0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2
fast.fonts.net/dv2/14/
16 KB
16 KB
Font
General
Full URL
https://fast.fonts.net/dv2/14/0b6110f9-6072-46b9-98af-7d09f7c895b8.woff2?d44f19a684109620e4841571ae90e818e416d16650146eec36040b3150240d73392ca41abbbad40b03a081ad4af391f37b9719e0b8ce7e3997a0df7ed01187d59e60405d6dc4ec954d43ead1d827ef3549285118ec7426ab31ac2d8235cb97559f7c1df0c5b794fb43ebe56a266e6f48c2cd6c284514df2560f3880080451eb074c26df94df11050e4a2cf649186daf6d9d1c84c14a1abf4fd1e03d32c6497b424c8f3240decea3c76557dc9ad7657d97a561676e76f3772d5c3b07faf&projectId=5b1bd4e6-f56d-4cfa-88b1-07daf3d39816
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/41A8) /
Resource Hash
2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://amgen.recruitmentrequests.com/login
Origin
https://amgen.recruitmentrequests.com

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
last-modified
Thu, 04 Dec 2014 20:51:11 GMT
server
ECS (fcn/41A8)
age
29919851
etag
"1613603687"
status
200
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
16356
expires
Mon, 28 Sep 2020 02:43:19 GMT
3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2
fast.fonts.net/dv2/14/
16 KB
16 KB
Font
General
Full URL
https://fast.fonts.net/dv2/14/3b0f1c67-c2e4-4df6-976f-49d52e45aba1.woff2?d44f19a684109620e4841571ae90e818e416d16650146eec36040b3150240d73392ca41abbbad40b03a081ad4af391f37b9719e0b8ce7e3997a0df7ed01187d59e60405d6dc4ec954d43ead1d827ef3549285118ec7426ab31ac2d8235cb97559f7c1df0c5b794fb43ebe56a266e6f48c2cd6c284514df2560f3880080451eb074c26df94df11050e4a2cf649186daf6d9d1c84c14a1abf4fd1e03d32c6497b424c8f3240decea3c76557dc9ad7657d97a561676e76f3772d5c3b07faf&projectId=5b1bd4e6-f56d-4cfa-88b1-07daf3d39816
Requested by
Host: amgen.recruitmentrequests.com
URL: https://amgen.recruitmentrequests.com/login
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:660:118e:28f:1d8a:2522 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (fcn/40E2) /
Resource Hash
49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://amgen.recruitmentrequests.com/login
Origin
https://amgen.recruitmentrequests.com

Response headers

date
Tue, 30 Jun 2020 02:43:19 GMT
last-modified
Thu, 04 Dec 2014 21:47:06 GMT
server
ECS (fcn/40E2)
age
31122585
etag
"3838164867"
status
200
x-cache
HIT
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=7776000
accept-ranges
bytes
content-length
16376
expires
Mon, 28 Sep 2020 02:43:19 GMT

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| FontAwesomeKitConfig object| prefixesArray string| prefixesSelectorString object| MonoTypeWebFonts function| mti_loadScript object| mti object| mti_element_cache object| gaplugins object| gaGlobal object| gaData object| webpackJsonp object| wysihtml function| Base object| rangy object| wysihtmlParserRulesDefaults object| wysihtmlParserRules object| wysihtmlParserPasteRulesets object| Foundation function| WOW function| jQuery function| $

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

amgen.recruitmentrequests.com
fast.fonts.net
kit-pro.fontawesome.com
kit.fontawesome.com
u5610445.ct.sendgrid.net
www.google-analytics.com
www.googletagmanager.com
151.139.128.8
167.89.118.35
2606:2800:234:660:118e:28f:1d8a:2522
2a00:1450:4001:806::2008
2a00:1450:4001:824::200e
70.32.90.12
08402318064c30978aecea45abc758d900a1e5a1efb73772fb2702bcd35241de
1a7a9cac93c013eb29540881bcbd9d36cefbfff632941ebfd4814449caec964d
1f9609007e6342426977fbfa172a4a26a55287f2f11feb0fad8afd834030164c
2aa2c3139fe0f3233bbab4e43ef2885af045555933aef6570046e6df2f7f57f3
2c0599464439ec9b3dd67d6a2d2d46f5c1d1ce7d4fa42515e176d66589e21982
315c9ec6ab6dd613d0048f81a8bf22e8bf87018d0dd98e1787e5982b4d2f1bec
43b92c41c0aad66089134751ab4faa56cb0877cb80a77d6c5b7ad72421424a6b
49be0df2d6bfe51dc29e0f5cebd2b99b6b1e4463c2d1250f1b1ae3ac36d0ce41
49c4a1267ea4af47bb475f705ba36e0847ae383b85d75fd1e4ac4caee944b6fd
512452f7aaa3be22da7ec78f06226bb99d38b116e870bc22616b5c31cdc09147
52f7bff0ccdd80dc36d123955c81195ea7173af8eb7c5be8a863e8e0ecfd5954
6e085b9cd7b08de1c5e0414f59cbe40b3c143afbef7378d72f28b68c9a5e654c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
894b696b5843c3c55a32634da7e60f66f7f562d8c4ec628f3e4b757864ecde82
8a25fced8f678e38b51a5c89a0ce83844ae782f29f712430b404ff9ddca05c42
97afa861b91d54ed1dd25e13c9a9d92304d447b83dc60c93a71f20a272098ae0
9f80ff2e0de04ac5959030d6fe43bb2c365e47b22cb6a35ebcdcd2681704f15e
aac706ab338889e961d2544a88602b55f1f50686ab144aa6b131664846a0ff90
beee629874bf3de1d34434a486f513d5ff00df76fb6f143d691a7f4e6ad83d64
bf0cc943afa0b52923b7acac778eb961f5c9d4765b7a942483f507602e62622d
cf6218991ac3b5cb482c82263896f7c0f8c1a592aee09be75bcc90f6e7f6e2d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eab28282f2388625b1beccad1080fc55d5750e745b079f612be246a4aefe0894
fd361b57998c76f86335afa28b8a62527d88a8200fb5c428d6f0fff73383e955