urlscan.io logo urlscan.io
SecurityTrails logo

v3.rivs.com Open in urlscan Pro
13.32.27.24  Public Scan

Go To Rescan Add Verdict Report
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Submission: On March 20 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 5 domains to perform 29 HTTP transactions. The main IP is 13.32.27.24, located in United States and belongs to AMAZON-02, US. The main domain is v3.rivs.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on November 8th 2023. Valid for: a year.
This is the only time v3.rivs.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
22 13.32.27.24 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
29 5
Apex Domain
Subdomains		 Transfer
22 rivs.com
v3.rivs.com
383 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 101
21 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 716
92 KB
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 195
343 B
0 googletagmanager.com Failed
www.googletagmanager.com Failed
29 5
Domain Requested by
22 v3.rivs.com v3.rivs.com
2 www.google-analytics.com v3.rivs.com
www.google-analytics.com
2 ajax.googleapis.com v3.rivs.com
1 stats.g.doubleclick.net www.google-analytics.com
0 www.googletagmanager.com Failed www.google-analytics.com
29 5

This site contains links to these domains. Also see Links.

Domain
interviewstream.com
Subject Issuer Validity Valid
*.rivs.com
Amazon RSA 2048 M02		 2023-11-08 -
2024-12-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-26 -
2024-05-20		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-19 -
2024-05-13		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Frame ID: E16172D18ED2BC1C5C1FB6139850CCE5
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

New Hire Benefit Enrollment

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • ([\d.]+)/jquery-ui(?:\.min)?\.js
  • jquery-ui.*\.js

Page Statistics

29
Requests

93 %
HTTPS

75 %
IPv6

5
Domains

5
Subdomains

5
IPs

3
Countries

497 kB
Transfer

1397 kB
Size

4
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
v3.rivs.com/schedule/newhirebenefitenrollment/ 		5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
aede37c2044bed5effbf4cff0192b3cc8042c54e9d21adc3bc3f9eeeb900a62e
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
rivs.com bugsnag.com
access-control-max-age
0
cache-control
no-store, no-cache, must-revalidate
content-encoding
gzip
content-length
1987
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
content-type
text/html; charset=UTF-8
date
Wed, 20 Mar 2024 13:13:11 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
feature-policy
camera 'self'; microphone 'self'
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Host,Accept-Encoding
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-id
h4jzAra76XAzYByWrRCv8DNc9oEoA5aaqy6m1GYf0hQZRqdcZfqevg==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 08:14:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
104338
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 08:14:13 GMT
jquery-ui.min.js
ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/ 		223 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Tue, 19 Mar 2024 07:51:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
105678
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60529
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 19 Mar 2025 07:51:53 GMT
default.css
v3.rivs.com/css/styles/landing/ 		76 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/css/styles/landing/default.css
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
36dc8195324be4dcb04416e44d27a2ccc431ecfdc8168b99a8ed3e8ac2bd2fc2
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
content-encoding
gzip
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
20543
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
vary
Host,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
rivs.com bugsnag.com
access-control-max-age
0
access-control-allow-credentials
true
feature-policy
camera 'self'; microphone 'self'
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
NLql2CDAsw9X5agS0lbS343InXqCRXp_2jTkQZvCJKWI6dYUdWn8iQ==
expires
0
/
v3.rivs.com/service/brandings/css/138/ 		33 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/service/brandings/css/138/
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
308647f8c4df8aa6f3526efc23471fee2c1cda92a0208df6d0d8087ba53d6e1a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:11 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
content-encoding
gzip
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
5166
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
vary
Host,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
text/css;charset=UTF-8
access-control-allow-origin
rivs.com bugsnag.com
access-control-max-age
0
access-control-allow-credentials
true
feature-policy
camera 'self'; microphone 'self'
cache-control
no-store, no-cache, must-revalidate
x-amz-cf-id
ZukjDHzhNTD1HeP_5o7rYGIg7JV6g60B9LEFaMIEFtLtWDnCDE1vjw==
expires
Thu, 19 Nov 1981 08:52:00 GMT
/
v3.rivs.com/service/brandings/js/138/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/service/brandings/js/138/
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
9d5a442c06fe391f0ee6e1bb3b4995b15d3aba63ea75007b99d4de9d6e861a4b
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
content-encoding
gzip
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
x-frame-options
SAMEORIGIN
vary
Accept-Encoding, Host
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
rivs.com bugsnag.com
access-control-max-age
0
access-control-allow-credentials
true
feature-policy
camera 'self'; microphone 'self'
cache-control
no-store, no-cache, must-revalidate
x-amz-cf-id
4EgPbRlNj9FbdfRXUNJetPA_oA6p82xacSxkj5lI2c3ui1NZqSYw4Q==
expires
Thu, 19 Nov 1981 08:52:00 GMT
video-js.min.js
v3.rivs.com/static/js/ 		475 KB
132 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/js/video-js.min.js?3542646f949eecedce802405a34e29cedc0f1658
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
ee582607b53c2696d405a5f0ecf523c97331777c41c0e7c061cf82fb1e6bf3d8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Sun, 28 Jan 2024 18:51:15 GMT
server
Apache
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
etag
"76dc9-61006038e7178-gzip"
vary
Host,Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
4w61Npg3mIymRbgDImsbSZh7J-Zr8Bc6k24cYVOOZe1tAlPpXwAylA==
x-xss-protection
1; mode=block
video-js.flash.min.js
v3.rivs.com/static/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/js/video-js.flash.min.js?3542646f949eecedce802405a34e29cedc0f1658
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
d6708179096aabf636cfc0ae023cfcadee3521a09e346e2a9d00866e237ad123
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
3101
x-xss-protection
1; mode=block
last-modified
Wed, 20 Mar 2024 08:30:32 GMT
server
Apache
etag
"1f56-614136774de24-gzip"
vary
Host,Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
2xqLIkJs_vlJ08-uyOmDj4HxJvqDfApfDe3yoQA0Vpe_SVEmmo59Rg==
video-js-rating.js
v3.rivs.com/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/js/video-js-rating.js?3542646f949eecedce802405a34e29cedc0f1658
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
3847385302da68577535531d18944cb07b12b06917e1bb2e36c016cb54664a1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
1204
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 16:12:43 GMT
server
Apache
etag
"ed2-61405be75a077-gzip"
vary
Host,Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
HwAzh0kPvgFvkBILwr_xtxKgrNlSifSVP0XJl8HpER5bDrGitB-Xhg==
video-js-min.css
v3.rivs.com/static/css/plugins/ 		37 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/css/plugins/video-js-min.css?3542646f949eecedce802405a34e29cedc0f1658
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
981561c9ecdb0979f00b87af471956562d9906f0182a05e0787ce7ae73b725b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
9912
x-xss-protection
1; mode=block
last-modified
Wed, 20 Mar 2024 11:02:35 GMT
server
Apache
etag
"93ff-614158732f89d-gzip"
vary
Host,Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
H0Gdune0jlpMw9plf-Q5IDa60-dziK82lsJTK6kmp696dvW4_DaOFw==
video-js-skin-rivs.css
v3.rivs.com/static/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/css/video-js-skin-rivs.css?3542646f949eecedce802405a34e29cedc0f1658
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
442bd55bd76d89d29d23d1511c5cb68f54dddfdb5913a6a6c164a63b879b8555
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
1928
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 16:12:42 GMT
server
Apache
etag
"14d0-61405be73ac7a-gzip"
vary
Host,Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
TbNE6eAvRsgkZS3skpEKeo_JT_9fDeleLL99ReCAMRBD3NJvfT2dOQ==
intlTelInput.css
v3.rivs.com/static/css/plugins/intl-tel-input/ 		20 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/css/plugins/intl-tel-input/intlTelInput.css
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
149d4fe87235da63779dd6766cf0f664f97560b5c5fc7ead20b3909735e5dcb3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
3103
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 16:12:42 GMT
server
Apache
etag
"5013-61405be73bc1a-gzip"
vary
Host,Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
EF865t-QUGExChyXQjTNIyiLfZ_-Ue98MMlp3RIGnhdVLo7rALJuQA==
landing.css
v3.rivs.com/static/css/ 		888 B
803 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/css/landing.css
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
dc10cccbeeaa4d7f8be8a97c53d6c6beec500727f28dd8df7ab22ec1df64fa0d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
368
x-xss-protection
1; mode=block
last-modified
Mon, 18 Dec 2023 14:08:57 GMT
server
Apache
etag
"378-60cc94a6fd63f-gzip"
vary
Host,Accept-Encoding
content-type
text/css
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
SSzqaPaA_TJ3JlFMfYWNg5GAKkhdImOf43gzvaApt3S8zaPBAMmUlw==
intlTelInput.js
v3.rivs.com/static/js/plugins/intl-tel-input/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/js/plugins/intl-tel-input/intlTelInput.js
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
98b68f2b97c6008faa2872b7210dd41401335b0c21a9a24e254ea8fedbed5fb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
9713
x-xss-protection
1; mode=block
last-modified
Wed, 20 Mar 2024 11:02:35 GMT
server
Apache
etag
"5eaf-6141587367340-gzip"
vary
Host,Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
lcZrJ-BlXbGlgKiNBhO2A8_4W-Ny_i8jaGa9mhh4BC5gfWJcBPVANA==
landing.js
v3.rivs.com/static/js/manage/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/js/manage/landing.js
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
155e305326cb4acf0c4041e2403082323a25a5fc40e50241e1b5dc46373ef0b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:11 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
1490
x-xss-protection
1; mode=block
last-modified
Tue, 19 Mar 2024 16:12:43 GMT
server
Apache
etag
"190d-61405be768ad5-gzip"
vary
Host,Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
x9rDWBIld1T4hf-Z_HHf2jEXoLs9RgRsOdaOd-FR-IxfQ72bRppQSg==
validation.js
v3.rivs.com/static/js/manage/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/static/js/manage/validation.js
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
169a3d93f4658523af5128d12cf1b0dc7373de5d9e4e9edc0de5cbf64ad1985e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
788
x-xss-protection
1; mode=block
last-modified
Fri, 16 Feb 2024 13:58:04 GMT
server
Apache
etag
"a30-6118021fe7c9e-gzip"
vary
Host,Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
x-amz-cf-id
aCC4nzjcVzu3IY7zqHEKuDXHzq1L01SLnYpj3HNQl7q_-y68l2LilQ==
default.en_US.js
v3.rivs.com/js/candidate/ 		188 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/js/candidate/default.en_US.js
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
e71997f417d36bf5004fe030026dd8d54ddfa337c63d8862e32d79b7ac64905a
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
content-encoding
gzip
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-length
34994
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
Apache
vary
Host,Accept-Encoding
x-frame-options
SAMEORIGIN
content-type
application/javascript
access-control-allow-origin
rivs.com bugsnag.com
access-control-max-age
0
access-control-allow-credentials
true
feature-policy
camera 'self'; microphone 'self'
cache-control
no-cache, no-store, must-revalidate
x-amz-cf-id
NfJMYueYcLvpLXSqm4TwvE6ZQDCnw-vCy-NtWM7-pRJdSkpJaY1hbw==
expires
0
ibtr-logo_color-tagline3797.450x60.png
v3.rivs.com/production/companies/1194/career_pages/images/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.rivs.com/production/companies/1194/career_pages/images/ibtr-logo_color-tagline3797.450x60.png?Expires=1710943991&Signature=ANLI6~dN2M3kFXXEYFh8e07k-Ly1ODEMKYOyp8T78SakplF5Vm~g008qg6wJ6vCxdKHBTgX~AKO1EtoNFmLzfzeZ8~dUNYw~sseIqvCsxtG5KVpmmCmVYMYeT2Ez~351V7NddCGN2J8pfvpbaLF35QSpAdMs9y8Dw3MFhsJwgvk_&Key-Pair-Id=APKAIXHKQBJHBZS2EPDQ
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
407e146ffe3457dbe8da4b358533f8db535b7e97ae6a269900b620ce1075d0c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 06:33:28 GMT
x-amz-version-id
CQ.WijuUVtHlL.o8LagMs4Kmdkjrdgde
x-content-type-options
nosniff
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
23985
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-disposition
attachment; filename=ibtr-logo_color-tagline.450x60.png
content-length
5955
x-xss-protection
1; mode=block
last-modified
Fri, 23 Dec 2022 15:09:35 GMT
server
AmazonS3
etag
"8bf16972a03b6e8355a33bdd3e8940f0"
content-type
image/png
accept-ranges
bytes
x-amz-cf-id
f3k-qifOR4-WsmHnl-Rjv0GpNgc1MVIhOyOm33LTyKsdKVlp5SKKng==
grey_close.png
v3.rivs.com/images/landing/default/icons/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.rivs.com/images/landing/default/icons/grey_close.png
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
eb6890c60efb7a5bad9d1e9c25b0c5ec33f8d17326519c5d161d966d60518784
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2024 08:30:25 GMT
server
Apache
x-amz-cf-pop
FRA56-C2
etag
"675-6141366fed2a1"
vary
Host
x-cache
Miss from cloudfront
content-type
image/png
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
content-length
1653
x-xss-protection
1; mode=block
x-amz-cf-id
c08HfgxFfBaq7kSPIm8nIm9uM25bWsu-P3dzufB0lKTSHAHsY1Y2Nw==
circles.gif
v3.rivs.com/images/ajaxloaders/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.rivs.com/images/ajaxloaders/circles.gif
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
dfc683d8fd552eda9a8025ab41fb76b147e50cf02eeb277914c201d523d3cff7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Wed, 20 Mar 2024 11:02:26 GMT
server
Apache
x-amz-cf-pop
FRA56-C2
etag
"2815-6141586b1450f"
vary
Host
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
content-length
10261
x-xss-protection
1; mode=block
x-amz-cf-id
nifjijqSS5tNkCuq-AygQpN75n2yhqGDLpG-4nWFEYc656k2cdh5NA==
ec935275-31bc-41cf-ad9e-8f6bbd8350c4
https://v3.rivs.com/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://v3.rivs.com/ec935275-31bc-41cf-ad9e-8f6bbd8350c4
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
grey-ribbon-edge.png
v3.rivs.com/images/landing/default/vanilla/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://v3.rivs.com/images/landing/default/vanilla/grey-ribbon-edge.png
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/service/brandings/css/138/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
59f3888c34df6007ecb931e5a456db301d7babaf5d7c8f9fd740f2629ff83766
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/service/brandings/css/138/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Sun, 28 Jan 2024 18:51:06 GMT
server
Apache
x-amz-cf-pop
FRA56-C2
etag
"41b-6100602fa6466"
vary
Host
x-cache
Miss from cloudfront
content-type
image/png
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
content-length
1051
x-xss-protection
1; mode=block
x-amz-cf-id
RCZimzJoKQAXt-gKRJdf-GqckHxuhWyxpbADpzwrECt3pVuzU1pesw==
museo_slab_300.ttf
v3.rivs.com/fonts/ 		53 KB
54 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/fonts/museo_slab_300.ttf
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/service/brandings/css/138/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
7eb292c5956f271c940d7d364f882d60c092183f2c23d51f0553075bc84d04e6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://v3.rivs.com/service/brandings/css/138/
Origin
https://v3.rivs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 14:08:57 GMT
server
Apache
x-amz-cf-pop
FRA56-C2
etag
"d588-60cc94a71d9e3"
vary
Host
x-cache
Miss from cloudfront
content-type
application/font-sfnt
accept-ranges
bytes
content-length
54664
x-xss-protection
1; mode=block
x-amz-cf-id
QATxQMKTZs2XzKS7G1eoxE7nfNDIvsVcjN1yzNewqC41wYMZtva23Q==
Gotham_Light.woff
v3.rivs.com/fonts/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/fonts/Gotham_Light.woff
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/service/brandings/css/138/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
20e8f5b17595e53f6ba3cfddfd3e85e7bb76da2596dfdb0143eb54385a92de90
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://v3.rivs.com/service/brandings/css/138/
Origin
https://v3.rivs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 14:08:57 GMT
server
Apache
x-amz-cf-pop
FRA56-C2
etag
"5388-60cc94a70b100"
vary
Host
x-cache
Miss from cloudfront
content-type
application/font-woff
cache-control
no-cache, no-store, must-revalidate;
accept-ranges
bytes
content-length
21384
x-xss-protection
1; mode=block
x-amz-cf-id
cDKiuRrDQpnuNnZFAWB3_O_TWjT-CXmRcjE-npU4HZ4gvRY6oF_W8A==
museo_slab_500.ttf
v3.rivs.com/fonts/ 		53 KB
53 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://v3.rivs.com/fonts/museo_slab_500.ttf
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/service/brandings/css/138/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-24.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
138172ad7618efaddee74d29b4a61c082a52379d1c94d494fa1f9d152fad824a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://v3.rivs.com/service/brandings/css/138/
Origin
https://v3.rivs.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

date
Wed, 20 Mar 2024 13:13:12 GMT
via
1.1 27f780feafa4114cfc67d86fca85d124.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Mon, 18 Dec 2023 16:11:48 GMT
server
Apache
x-amz-cf-pop
FRA56-C2
etag
"d3a8-60ccb01cfaa0f"
vary
Host
x-cache
Miss from cloudfront
content-type
application/font-sfnt
accept-ranges
bytes
content-length
54184
x-xss-protection
1; mode=block
x-amz-cf-id
uUiArJp4HzTwmtwGkt1wlogjmGBRDuLV3uUaz7ND7b9Bcw_qir9r3A==
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: v3.rivs.com
URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 20 Mar 2024 11:38:42 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
5670
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Wed, 20 Mar 2024 13:38:42 GMT
collect
www.google-analytics.com/j/ 		16 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=5826208&t=pageview&_s=1&dl=https%3A%2F%2Fv3.rivs.com%2Fschedule%2Fnewhirebenefitenrollment%2F&ul=en-us&de=UTF-8&dt=New%20Hire%20Benefit%20Enrollment&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=118449131&gjid=613334855&cid=745890108.1710940392&tid=UA-37961946-24&_gid=2083037657.1710940392&_r=1&_slc=1&z=1915272100
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1aa014c0c0adbbfe37552c1504fe944226d7da1d212558694e91dff9e0a8d731
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 20 Mar 2024 13:13:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://v3.rivs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-37961946-24&cid=745890108.1710940392&jid=118449131&gjid=613334855&_gid=2083037657.1710940392&_u=IEBAAEAAAAAAACAAI~&z=1876498840
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://v3.rivs.com/schedule/newhirebenefitenrollment/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.128 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 20 Mar 2024 13:13:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://v3.rivs.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-DHCT3KH0EZ&cx=c&_slc=1

Verdicts & Comments Add Verdict or Comment

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 function| $ function| jQuery function| setCompletedInterview object| jQuery1102025849434008559724 object| vttjs function| WebVTT function| videojs function| videojsFlash object| oLanding function| fPhoneValidate function| scrollWin object| oFrame object| oSocial object| oMessage object| oDocuments object| oHelp object| oPage object| oFieldMapping object| oInterview object| oFile object| oL function| applicationLightBoxLoad string| GoogleAnalyticsObject function| ga boolean| $bCloseAble object| $aInterviews object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| dataLayer

4 Cookies

Domain/Path Name / Value
.rivs.com/ Name: PHPSESSID
Value: eknnrd2ag8onp23bf9uj00q1j3
.rivs.com/ Name: _ga
Value: GA1.2.745890108.1710940392
.rivs.com/ Name: _gid
Value: GA1.2.2083037657.1710940392
.rivs.com/ Name: _gat
Value: 1

3 Console Messages

Source Level URL
Text
security warning URL: https://v3.rivs.com/schedule/newhirebenefitenrollment/(Line 16)
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security warning URL: https://v3.rivs.com/js/candidate/default.en_US.js(Line 1)
Message:
document.domain mutation is ignored because the surrounding agent cluster is origin-keyed.
security error URL: https://www.google-analytics.com/analytics.js(Line 23)
Message:
Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=G-DHCT3KH0EZ&cx=c&_slc=1' because it violates the following Content Security Policy directive: "default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:". Note that 'script-src-elem' was not explicitly set, so 'default-src' is used as a fallback.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' 'unsafe-inline' 'unsafe-eval' data: *.rivs.com *.rivs.com:8443 wss://*.rivs.com wss://*.rivs.com:8443 *.bugsnag.com *.google.com *.google-analytics.com *.googleapis.com *.facebook.com *.opentok.com wss://*.opentok.com *.tokbox.com wss://*.tokbox.com wss://*.websocket.org *.twilio.com *.youtube.com *.vimeo.com *.cloudfront.net *.apple.com *.jobs2careers.com *.upward.net *.doubleclick.net *.googleusercontent.com *.fbcdn.net cdn.tiny.cloud *.tinymce.com *.dropbox.com canny.io *.canny.io helphero.co *.helphero.co powerbi.com windows.net *.powerbi.com *.windows.net interviewstream.com *.interviewstream.com *.jsdelivr.net api.openai.com blob:; font-src 'self' data: fonts.gstatic.com; media-src * blob:;
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
stats.g.doubleclick.net
v3.rivs.com
www.google-analytics.com
www.googletagmanager.com
www.googletagmanager.com
13.32.27.24
2a00:1450:4001:802::200a
2a00:1450:4001:809::200e
2a00:1450:400c:c00::9d
138172ad7618efaddee74d29b4a61c082a52379d1c94d494fa1f9d152fad824a
149d4fe87235da63779dd6766cf0f664f97560b5c5fc7ead20b3909735e5dcb3
155e305326cb4acf0c4041e2403082323a25a5fc40e50241e1b5dc46373ef0b2
169a3d93f4658523af5128d12cf1b0dc7373de5d9e4e9edc0de5cbf64ad1985e
1aa014c0c0adbbfe37552c1504fe944226d7da1d212558694e91dff9e0a8d731
20e8f5b17595e53f6ba3cfddfd3e85e7bb76da2596dfdb0143eb54385a92de90
308647f8c4df8aa6f3526efc23471fee2c1cda92a0208df6d0d8087ba53d6e1a
36dc8195324be4dcb04416e44d27a2ccc431ecfdc8168b99a8ed3e8ac2bd2fc2
3847385302da68577535531d18944cb07b12b06917e1bb2e36c016cb54664a1a
407e146ffe3457dbe8da4b358533f8db535b7e97ae6a269900b620ce1075d0c9
442bd55bd76d89d29d23d1511c5cb68f54dddfdb5913a6a6c164a63b879b8555
59f3888c34df6007ecb931e5a456db301d7babaf5d7c8f9fd740f2629ff83766
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
7eb292c5956f271c940d7d364f882d60c092183f2c23d51f0553075bc84d04e6
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
981561c9ecdb0979f00b87af471956562d9906f0182a05e0787ce7ae73b725b9
98b68f2b97c6008faa2872b7210dd41401335b0c21a9a24e254ea8fedbed5fb4
9d5a442c06fe391f0ee6e1bb3b4995b15d3aba63ea75007b99d4de9d6e861a4b
aede37c2044bed5effbf4cff0192b3cc8042c54e9d21adc3bc3f9eeeb900a62e
d6708179096aabf636cfc0ae023cfcadee3521a09e346e2a9d00866e237ad123
dc10cccbeeaa4d7f8be8a97c53d6c6beec500727f28dd8df7ab22ec1df64fa0d
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dfc683d8fd552eda9a8025ab41fb76b147e50cf02eeb277914c201d523d3cff7
e71997f417d36bf5004fe030026dd8d54ddfa337c63d8862e32d79b7ac64905a
eb6890c60efb7a5bad9d1e9c25b0c5ec33f8d17326519c5d161d966d60518784
ee582607b53c2696d405a5f0ecf523c97331777c41c0e7c061cf82fb1e6bf3d8