employee.biotexuspharma.com Open in urlscan Pro
148.66.138.106 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://employee.biotexuspharma.com/logoff.php
Submission Tags: falconsandbox
Submission: On August 31 via api (August 31st 2021, 7:59:18 am UTC) from US

Summary HTTP 19 Redirects Behaviour Indicators

Similar DOM Content API

Summary

This website contacted 5 IPs in 3 countries across 4 domains to perform 19 HTTP transactions. The main IP is 148.66.138.106, located in Singapore, Singapore and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is employee.biotexuspharma.com.

This is the only time employee.biotexuspharma.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address		AS Autonomous System
15	148.66.138.106 148.66.138.106		26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC)
1	2a00:1450:400... 2a00:1450:4001:813::200a		15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e		13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:802::200a		15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2003		15169 (GOOGLE) (GOOGLE)
19	5

15 148.66.138.106 (Singapore, Singapore)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)

employee.biotexuspharma.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
15	biotexuspharma.com employee.biotexuspharma.com	965 KB
2	googleapis.com fonts.googleapis.com ajax.googleapis.com	32 KB
1	gstatic.com fonts.gstatic.com	15 KB
1	cloudflare.com cdnjs.cloudflare.com	11 KB
19	4

	Domain	Requested by
15	employee.biotexuspharma.com	employee.biotexuspharma.com
1	fonts.gstatic.com	fonts.googleapis.com
1	ajax.googleapis.com	employee.biotexuspharma.com
1	cdnjs.cloudflare.com	employee.biotexuspharma.com
1	fonts.googleapis.com	employee.biotexuspharma.com
19	5

This site contains no links.

Subject Issuer	Validity	Valid
upload.video.google.com GTS CA 1O1	`2021-08-16` - `2021-11-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-10-21` - `2021-10-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-08-16` - `2021-11-08`	3 months	crt.sh

This page contains 1 frames:

Primary Page: http://employee.biotexuspharma.com/logoff.php
Frame ID: 1127D707CFE75EAF5D406C4584EFAE79
Requests: 19 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Biotexus | Employee Information System

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i

animate.css (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /([\d.]+)?\/modernizr(?:.([\d.]+))?.*\.js/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

19
Requests

21 %
HTTPS

80 %
IPv6

4
Domains

5
Subdomains

5
IPs

3
Countries

1022 kB
Transfer

1470 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set logoff.php Show response
employee.biotexuspharma.com/ 4 KB
2 KB 442ms
424ms Document
text/html 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache / PHP/7.4.21
Resource Hash: 611cf25fdb4b4b0e8226d8c695fdb4e7ab04896b703c444c80e08550bc4fd771

Request headers

Host: employee.biotexuspharma.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Server: Apache
X-Powered-By: PHP/7.4.21
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1063
Keep-Alive: timeout=5, max=100
Content-Type: text/html; charset=UTF-8

GET
H2 200 css
fonts.googleapis.com/ 10 KB
880 B 20ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900

Requested by

Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0a61d26a57061c6c80b670e8bae65f7ab7f9405643d6c2d8dea9e8c3cccacf48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://employee.biotexuspharma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 31 Aug 2021 07:58:54 GMT
server: ESF
date: Tue, 31 Aug 2021 07:58:54 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 31 Aug 2021 07:58:54 GMT

GET
H/1.1 200
OK bootstrap.min.css
employee.biotexuspharma.com/css/ 119 KB
20 KB 212ms
208ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/bootstrap.min.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c0169-1da71-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19741

GET
H/1.1 200
OK font-awesome.min.css
employee.biotexuspharma.com/css/ 30 KB
7 KB 363ms
354ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/font-awesome.min.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c0245-7918-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 7053

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 15ms
10ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: http://employee.biotexuspharma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 31 Aug 2021 07:58:54 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 387310
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 10491
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iPH4DI57BJFroijzK9kbAGMlEWE82Q4aZzc9LU%2BJZKufuIARR6h1Z2yadhHBxZ%2BEKiD0Y2kRiZItt7wpt97dGnSL5UkH5HjHh012fm0%2B%2FFpRLwYATUAEx3OMi%2B8wTwhc%2BHp1vosULvU5NA24QgJc5Btk"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6874b7666e130625-FRA
expires: Sun, 21 Aug 2022 07:58:54 GMT

GET
H/1.1 200
OK animate.css
employee.biotexuspharma.com/css/ 57 KB
5 KB 339ms
330ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/animate.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c012b-e283-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 4324

GET
H/1.1 200
OK normalize.css
employee.biotexuspharma.com/css/ 6 KB
2 KB 359ms
350ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/normalize.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c0395-17fa-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 1738

GET
H/1.1 200
OK meanmenu.min.css
employee.biotexuspharma.com/css/ 2 KB
1 KB 334ms
326ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/meanmenu.min.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 9f440ab3758cb4dce61ff761e957517a37a0fec4920568c9cd7e040a2e5f01b5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c0317-91d-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 785

GET
H/1.1 200
OK main.css
employee.biotexuspharma.com/css/ 6 KB
2 KB 349ms
341ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/main.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 1c6d04b587889d5c1d37444d1dea1e478590502ddf233b45333cd8f5e8487936

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c0316-1660-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Accept-Ranges: bytes
Content-Type: text/css
Keep-Alive: timeout=5, max=100
Content-Length: 2086

GET
H/1.1 200
OK jquery.mCustomScrollbar.min.css
employee.biotexuspharma.com/css/scrollbar/ 42 KB
4 KB 502ms
167ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/scrollbar/jquery.mCustomScrollbar.min.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c041b-a757-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3984

GET
H/1.1 200
OK metisMenu.min.css
employee.biotexuspharma.com/css/metisMenu/ 2 KB
1 KB 507ms
168ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/metisMenu/metisMenu.min.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 87fefa55fa1c20565466284b3a13603d783fc33415a6d3e8d2805af59a9343bb

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c038f-888-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 691

GET
H/1.1 200
OK metisMenu-vertical.css
employee.biotexuspharma.com/css/metisMenu/ 2 KB
871 B 524ms
174ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/metisMenu/metisMenu-vertical.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: f7fea078fc314ae96b3f21be9b7e8d8145519171728e025b36a13aa213b40a72

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c0319-719-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 533

GET
H/1.1 200
OK style.css
employee.biotexuspharma.com/ 107 KB
19 KB 539ms
180ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/style.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 11182d82e9ba2160f20170c5716cc8945c8c2cd0c43b649a636a868bd20297b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 May 2021 17:41:36 GMT
Server: Apache
ETag: "44c0306-1aae5-5c2b2569c6aff-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19383

GET
H/1.1 200
OK style_update.css
employee.biotexuspharma.com/ 3 KB
2 KB 543ms
181ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/style_update.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 333ef270bb3baf3f40876d68291f98c879d2b87096b5a7c7c9907e8adeac51b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 22 Jul 2021 12:00:32 GMT
Server: Apache
ETag: "44c0edd-d9f-5c7b508ba6d01-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1260

GET
H/1.1 200
OK responsive.css
employee.biotexuspharma.com/css/ 15 KB
3 KB 600ms
200ms Stylesheet
text/css 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/css/responsive.css
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: fb76d5ac80c92498bb8caf7d13f2dbeb44ae1f923f125f255906cd7602294c4d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:54 GMT
Content-Encoding: gzip
Last-Modified: Thu, 20 May 2021 06:04:50 GMT
Server: Apache
ETag: "44c040d-3d46-5c2bcb8958480-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2757

GET
H/1.1 200
OK modernizr-2.8.3.min.js Show response
employee.biotexuspharma.com/js/vendor/ 15 KB
7 KB 669ms
167ms Script
application/javascript 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to

Full URL: http://employee.biotexuspharma.com/js/vendor/modernizr-2.8.3.min.js
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: */*
Referer: http://employee.biotexuspharma.com/logoff.php
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/logoff.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:55 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Jan 2019 21:18:48 GMT
Server: Apache
ETag: "44c0ccb-3c9a-57f71972e9e00-gzip"
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 6306

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/logoff.php

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://employee.biotexuspharma.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sun, 29 Aug 2021 10:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 163078
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Aug 2022 10:40:56 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900

Protocol

H2

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: http://employee.biotexuspharma.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Sat, 28 Aug 2021 11:31:42 GMT
x-content-type-options: nosniff
age: 246433
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Aug 2022 11:31:42 GMT

GET
H/1.1 200
OK bg_login.jpg
employee.biotexuspharma.com/img/ 889 KB
890 KB 200ms
200ms Image
image/jpeg 148.66.138.106
AS-26496-GO-DADDY...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://employee.biotexuspharma.com/img/bg_login.jpg
Requested by: Host: employee.biotexuspharma.com
URL: http://employee.biotexuspharma.com/style_update.css
Protocol: HTTP/1.1
Server: 148.66.138.106 Singapore, Singapore, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
Software: Apache /
Resource Hash: 978cbd68576f2844d8f6b63caf90e83123040986bcc862154cff8c292277f8da

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: employee.biotexuspharma.com
Accept-Language: en-US
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Referer: http://employee.biotexuspharma.com/style_update.css
Cookie: PHPSESSID=6b1b37fdec68528f1b654cb7790e2eda
Connection: keep-alive
Cache-Control: no-cache
Referer: http://employee.biotexuspharma.com/style_update.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Tue, 31 Aug 2021 07:58:55 GMT
Last-Modified: Thu, 08 Jul 2021 05:47:14 GMT
Server: Apache
ETag: "44c064f-de5e7-5c6962fdd9c80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 910823

Verdicts & Comments Add Verdict or Comment

12 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| html5 object| Modernizr function| yepnope function| $ function| jQuery

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdnjs.cloudflare.com
employee.biotexuspharma.com
fonts.googleapis.com
fonts.gstatic.com
148.66.138.106
2606:4700::6810:135e
2a00:1450:4001:802::2003
2a00:1450:4001:802::200a
2a00:1450:4001:813::200a
0a61d26a57061c6c80b670e8bae65f7ab7f9405643d6c2d8dea9e8c3cccacf48
11182d82e9ba2160f20170c5716cc8945c8c2cd0c43b649a636a868bd20297b6
1c6d04b587889d5c1d37444d1dea1e478590502ddf233b45333cd8f5e8487936
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
1f429f4e2829515fb4ff9b67d875c2d023f08610e15a049ac0976715dd02182a
247184981eb6f698a94e431a83d68c6b0df623cce57b6e29dc5a6c11e23aa195
2b0f8526e7a1b0f1fb42e8acec3c1e7737a1a3065b773ebd13a492952f557967
333ef270bb3baf3f40876d68291f98c879d2b87096b5a7c7c9907e8adeac51b6
580818700724d42d7fcc4979b0197971fca1c6d2e0286769237a0ac897df5512
611cf25fdb4b4b0e8226d8c695fdb4e7ab04896b703c444c80e08550bc4fd771
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
87fefa55fa1c20565466284b3a13603d783fc33415a6d3e8d2805af59a9343bb
978cbd68576f2844d8f6b63caf90e83123040986bcc862154cff8c292277f8da
9f440ab3758cb4dce61ff761e957517a37a0fec4920568c9cd7e040a2e5f01b5
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f7fea078fc314ae96b3f21be9b7e8d8145519171728e025b36a13aa213b40a72
fb76d5ac80c92498bb8caf7d13f2dbeb44ae1f923f125f255906cd7602294c4d