auth.savings.beneplace.com
Open in
urlscan Pro
172.64.150.236
Public Scan
Effective URL: https://auth.savings.beneplace.com/uson/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=Jan...
Submission: On January 31 via manual from IN — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 1st 2023. Valid for: a year.
This is the only time auth.savings.beneplace.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN13335 (CLOUDFLARENET, US)
uson.savings.beneplace.com | |
auth.savings.beneplace.com |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-81-135.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net
smetrics.beneplace.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-83.fra56.r.cloudfront.net
live.rezync.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-42.fra60.r.cloudfront.net
cdn.boomtrain.com |
ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f198.1e100.net
ad.doubleclick.net |
ASN29990 (ASN-APPNEX, US)
PTR: 1004.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-70-255.compute-1.amazonaws.com
people.api.boomtrain.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-177-182.compute-1.amazonaws.com
events.api.boomtrain.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
beneplace.com
2 redirects
uson.savings.beneplace.com smetrics.beneplace.com — Cisco Umbrella Rank: 141849 auth.savings.beneplace.com — Cisco Umbrella Rank: 141194 |
1 MB |
7 |
adobedtm.com
assets.adobedtm.com — Cisco Umbrella Rank: 460 |
172 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2029 |
21 KB |
3 |
boomtrain.com
cdn.boomtrain.com — Cisco Umbrella Rank: 5754 people.api.boomtrain.com — Cisco Umbrella Rank: 6199 events.api.boomtrain.com — Cisco Umbrella Rank: 8976 |
31 KB |
3 |
doubleclick.net
2 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 79 ad.doubleclick.net — Cisco Umbrella Rank: 163 |
3 KB |
3 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37 |
258 KB |
3 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 225 challenges.cloudflare.com — Cisco Umbrella Rank: 5168 |
27 KB |
2 |
nr-data.net
bam.nr-data.net — Cisco Umbrella Rank: 236 |
767 B |
2 |
adnxs.com
1 redirects
secure.adnxs.com — Cisco Umbrella Rank: 490 |
2 KB |
2 |
netmng.com
com-wag3.netmng.com — Cisco Umbrella Rank: 133940 |
5 KB |
2 |
googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 362 |
65 KB |
1 |
newrelic.com
js-agent.newrelic.com — Cisco Umbrella Rank: 600 |
26 KB |
1 |
google.com
adservice.google.com — Cisco Umbrella Rank: 98 |
401 B |
1 |
rezync.com
live.rezync.com — Cisco Umbrella Rank: 1645 |
6 KB |
1 |
gstatic.com
fonts.gstatic.com |
14 KB |
1 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239 |
676 B |
1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324 |
25 KB |
56 | 17 |
Domain | Requested by | |
---|---|---|
16 | uson.savings.beneplace.com |
1 redirects
uson.savings.beneplace.com
|
7 | assets.adobedtm.com |
uson.savings.beneplace.com
assets.adobedtm.com |
5 | auth.savings.beneplace.com |
1 redirects
uson.savings.beneplace.com
auth.savings.beneplace.com |
3 | www.google-analytics.com |
uson.savings.beneplace.com
|
3 | www.googletagmanager.com |
uson.savings.beneplace.com
|
2 | challenges.cloudflare.com |
auth.savings.beneplace.com
challenges.cloudflare.com |
2 | bam.nr-data.net |
uson.savings.beneplace.com
|
2 | secure.adnxs.com |
1 redirects
uson.savings.beneplace.com
|
2 | ad.doubleclick.net | 2 redirects |
2 | com-wag3.netmng.com |
uson.savings.beneplace.com
|
2 | region1.google-analytics.com |
www.googletagmanager.com
|
2 | maps.googleapis.com |
uson.savings.beneplace.com
|
1 | js-agent.newrelic.com |
uson.savings.beneplace.com
|
1 | events.api.boomtrain.com |
uson.savings.beneplace.com
|
1 | people.api.boomtrain.com |
uson.savings.beneplace.com
|
1 | adservice.google.com |
uson.savings.beneplace.com
|
1 | cdn.boomtrain.com |
uson.savings.beneplace.com
|
1 | stats.g.doubleclick.net |
uson.savings.beneplace.com
|
1 | live.rezync.com |
uson.savings.beneplace.com
|
1 | smetrics.beneplace.com |
uson.savings.beneplace.com
|
1 | fonts.gstatic.com |
uson.savings.beneplace.com
|
1 | dpm.demdex.net |
assets.adobedtm.com
|
1 | cdnjs.cloudflare.com |
uson.savings.beneplace.com
|
1 | cdn.jsdelivr.net |
uson.savings.beneplace.com
|
56 | 24 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.cloudflare.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
beneplace.com Cloudflare Inc ECC CA-3 |
2023-12-01 - 2024-11-30 |
a year | crt.sh |
assets.adobedtm.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-11 - 2024-08-10 |
a year | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-05-02 - 2024-05-01 |
a year | crt.sh |
upload.video.google.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2024-01-09 - 2024-04-02 |
3 months | crt.sh |
smetrics.beneplace.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-05-05 - 2024-06-04 |
a year | crt.sh |
*.rezync.com Amazon RSA 2048 M02 |
2023-10-25 - 2024-11-21 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2024-01-02 - 2024-03-26 |
3 months | crt.sh |
*.boomtrain.com Amazon RSA 2048 M02 |
2024-01-10 - 2025-02-07 |
a year | crt.sh |
*.netmng.com Sectigo RSA Domain Validation Secure Server CA |
2024-01-09 - 2025-02-04 |
a year | crt.sh |
*.api.boomtrain.com Amazon RSA 2048 M03 |
2023-09-16 - 2024-10-14 |
a year | crt.sh |
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2024 Q1 |
2024-01-15 - 2025-02-15 |
a year | crt.sh |
*.nr-data.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-29 - 2024-10-01 |
a year | crt.sh |
challenges.cloudflare.com Cloudflare Inc ECC CA-3 |
2023-08-18 - 2024-08-17 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://auth.savings.beneplace.com/uson/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=January-29-2024-Samsung&utm_campaign=email-mme&redirect_uri=https%3A%2F%2Fuson.savings.beneplace.com%2Fhome%3Foff_guid%3D6SZ6y4C0jZhifkn9VakBi5%26ebldr_form%3D2.01%26source-id%3Demail%26utm_source%3Demail%26utm_campaign%3Demail-mme%26utm_medium%3DJanuary-29-2024-Samsung%26DLK%3D88730crr5ph7ir46zt4obnwvr
Frame ID: 7F0D0BB61C8EC4AD5A82ABB923761F9D
Requests: 54 HTTP requests in this frame
Frame:
https://uson.savings.beneplace.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
Frame ID: B4971D30E1CD81F266BA4DE9C0050CBA
Requests: 2 HTTP requests in this frame
Frame:
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oud84/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Frame ID: 7B6D12DE0E38DD5BC51B0E8EFDAE95ED
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Just a moment...Page URL History Show full URLs
- https://uson.savings.beneplace.com/home?off_guid=6SZ6y4C0jZhifkn9VakBi5&ebldr_form=2.01&source-id=email&utm_sou... Page URL
-
https://auth.savings.beneplace.com/auth/authorize?subdomain=uson&response_type=code&client_id=9ezalirn45mF43imJ...
HTTP 302
https://auth.savings.beneplace.com/uson/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=... Page URL
Detected technologies
Google Maps (Maps) ExpandDetected patterns
- //maps\.google(?:apis)?\.com/maps/api/js
Bootstrap (Web Frameworks) Expand
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppNexus (Advertising Networks) Expand
Detected patterns
- adnxs\.(?:net|com)
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
jsDelivr (CDN) Expand
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: Cloudflare
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://uson.savings.beneplace.com/home?off_guid=6SZ6y4C0jZhifkn9VakBi5&ebldr_form=2.01&source-id=email&utm_source=email&utm_campaign=email-mme&utm_medium=January-29-2024-Samsung&DLK=88730crr5ph7ir46zt4obnwvr Page URL
-
https://auth.savings.beneplace.com/auth/authorize?subdomain=uson&response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=January-29-2024-Samsung&utm_campaign=email-mme&redirect_uri=https%3A%2F%2Fuson.savings.beneplace.com%2Fhome%3Foff_guid%3D6SZ6y4C0jZhifkn9VakBi5%26ebldr_form%3D2.01%26source-id%3Demail%26utm_source%3Demail%26utm_campaign%3Demail-mme%26utm_medium%3DJanuary-29-2024-Samsung%26DLK%3D88730crr5ph7ir46zt4obnwvr
HTTP 302
https://auth.savings.beneplace.com/uson/sign-in?response_type=code&client_id=9ezalirn45mF43imJTdf53&utm_source=email&utm_medium=January-29-2024-Samsung&utm_campaign=email-mme&redirect_uri=https%3A%2F%2Fuson.savings.beneplace.com%2Fhome%3Foff_guid%3D6SZ6y4C0jZhifkn9VakBi5%26ebldr_form%3D2.01%26source-id%3Demail%26utm_source%3Demail%26utm_campaign%3Demail-mme%26utm_medium%3DJanuary-29-2024-Samsung%26DLK%3D88730crr5ph7ir46zt4obnwvr Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 25- https://uson.savings.beneplace.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
- https://uson.savings.beneplace.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/main.js
- https://ad.doubleclick.net/ddm/activity/src=12084042;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://uson.savings.beneplace.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706729601.175614 HTTP 302
- https://ad.doubleclick.net/ddm/activity/src=12084042;dc_pre=CM32-pyviIQDFcHh_QUdMpYPyA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://uson.savings.beneplace.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706729601.175614 HTTP 302
- https://adservice.google.com/ddm/fls/z/src=12084042;dc_pre=CM32-pyviIQDFcHh_QUdMpYPyA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=https://uson.savings.beneplace.com/;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706729601.175614
- https://secure.adnxs.com/seg?add=32509374&t=2 HTTP 307
- https://secure.adnxs.com/bounce?%2Fseg%3Fadd%3D32509374%26t%3D2
56 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
home
uson.savings.beneplace.com/ |
9 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-a0e5cece2585.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/ |
652 KB 156 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
new-relic-integration.js
uson.savings.beneplace.com/assets/new-relic/ |
51 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@4.5.3/dist/css/ |
157 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
maps.googleapis.com/maps/api/ |
192 KB 65 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web-animations.min.js
cdnjs.cloudflare.com/ajax/libs/web-animations/2.3.1/ |
47 KB 14 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runtime.7a44192ec7795934.js
uson.savings.beneplace.com/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfills.0f88da5fdbf95761.js
uson.savings.beneplace.com/ |
141 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
scripts.b785e07ef29de485.js
uson.savings.beneplace.com/ |
166 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.21d8066a1ba27670.js
uson.savings.beneplace.com/ |
5 MB 1 MB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
237 KB 79 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
dpm.demdex.net/ |
185 B 676 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
styles.470895e6035d0005.css
uson.savings.beneplace.com/ |
98 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
S6uyw4BMUTPHjx4wXiWtFCc.woff2
fonts.gstatic.com/s/lato/v24/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
smetrics.beneplace.com/ |
48 B 467 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
gen_204
maps.googleapis.com/maps/api/mapsjs/ |
3 B 45 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
277 KB 92 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
38 B 0 |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
info
uson.savings.beneplace.com/api/ |
8 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
marketplace-styles.css
uson.savings.beneplace.com/api/uson/ |
32 KB 5 KB |
XHR
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
colors.css
uson.savings.beneplace.com/api/uson/ |
3 KB 789 B |
XHR
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCea9d317d3a374e44b3f0f8711e38765e-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ |
2 KB 1015 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
main.js
uson.savings.beneplace.com/cdn-cgi/challenge-platform/h/b/scripts/jsd/24864818/ Frame B497 Redirect Chain
|
7 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 261 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
16 B 229 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sync
live.rezync.com/ |
5 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
84e462be6d35450a
uson.savings.beneplace.com/cdn-cgi/challenge-platform/h/b/jsd/r/ Frame B497 |
0 339 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
1 B 353 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
258 KB 86 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.google-analytics.com/g/ |
0 54 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p13n.min.js
cdn.boomtrain.com/p13n/ebg-wag3/ |
93 KB 30 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
com-wag3.netmng.com/ |
7 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;gdpr=$%7BGDPR%7D;gdpr_consent=$%7BGDPR_CONSENT_755%7D;ord=1706729601.175614
adservice.google.com/ddm/fls/z/src=12084042;dc_pre=CM32-pyviIQDFcHh_QUdMpYPyA;type=unive0;cat=unive0;u1=;u2=;u3=;u4=;u5=;u6=;u7=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u18=;u19=;u20=;u22=;u23=;u28=;u29=h... Redirect Chain
|
42 B 401 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bounce
secure.adnxs.com/ Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
uson
uson.savings.beneplace.com/api/controls/ |
2 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
resolve
people.api.boomtrain.com/identify/ |
142 B 457 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC6b40217ba8b34b5c95f7ac097beadf09-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ |
451 B 549 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC668a267ca36c45b5acca38f3e4360a76-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ |
340 B 478 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
/
com-wag3.netmng.com/WAG3/com/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
track
events.api.boomtrain.com/event/ |
2 B 209 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
nr-spa.142f942f-1.239.1.min.js
js-agent.newrelic.com/ |
75 KB 26 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
NRJS-2ebdf5b38afbaafd48e
bam.nr-data.net/1/ |
40 B 414 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC0c16579d5c704bd0a214633d669d35f2-source.min.js
assets.adobedtm.com/a281455e4dfe/86f9b29df5eb/99b0d340b49c/ |
1018 B 811 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
NRJS-2ebdf5b38afbaafd48e
bam.nr-data.net/events/1/ |
24 B 353 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
dlk-compare
uson.savings.beneplace.com/api/known/ |
182 B 509 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
info
uson.savings.beneplace.com/api/ |
10 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
Primary Request
sign-in
auth.savings.beneplace.com/uson/ Redirect Chain
|
16 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
v1
auth.savings.beneplace.com/cdn-cgi/challenge-platform/h/b/orchestrate/chl_page/ |
167 KB 56 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
api.js
challenges.cloudflare.com/turnstile/v0/b/24864818/ |
37 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
favicon.ico
auth.savings.beneplace.com/ |
10 KB 10 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
c6371141-a514-42ab-8b06-57c949ab99be
https://auth.savings.beneplace.com/ |
13 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
239abc1588a11e1
auth.savings.beneplace.com/cdn-cgi/challenge-platform/h/b/flow/ov1/1263502497:1706728096:7EcZhf7MhKuo2z-qItjqS6Rzs8dn6cqo3Qugz9gnK3Y/84e462d66a3f58f0/ |
13 KB 10 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
normal
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/b/turnstile/if/ov2/av0/rcv0/0/oud84/0x4AAAAAAADnPIDROrmt1Wwj/light/ Frame 7B6D |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
16 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| _cf_chl_opt function| rmxH0 boolean| edbe5 function| izwsuh5 function| OmLPrNfmlt function| tKag1 function| Anqh6 function| kJpBZF4 object| pJJamS8 object| nPFy8 function| jyslux3 object| BesK9 object| turnstile boolean| SCTZyT2 string| FeBU025 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.beneplace.com/ | Name: __cf_bm Value: 0RvfzXziPRwmNb8zY0RZLM2iZqn0vZwvK1ccA137Cgw-1706729600-1-AQA4SQJ48g2toe6bi7CyHeryN9Qa91OPcye55zOD+JCJVnGj2O9wvbtjvCuKC2M0JMa3pzWOm7UFCNq9Qt1WAQU= |
|
.beneplace.com/ | Name: AMCVS_B5F9FF2554F608410A4C98C6%40AdobeOrg Value: 1 |
|
.beneplace.com/ | Name: s_ecid Value: MCMID%7C21086972432292724094194753210655036589 |
|
.beneplace.com/ | Name: AMCV_B5F9FF2554F608410A4C98C6%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19754%7CMCMID%7C21086972432292724094194753210655036589%7CMCAAMLH-1707334400%7C6%7CMCAAMB-1707334400%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1706736800s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C5.4.0 |
|
.beneplace.com/ | Name: _ga Value: GA1.2.261314590.1706729601 |
|
.beneplace.com/ | Name: _gid Value: GA1.2.261331163.1706729601 |
|
.beneplace.com/ | Name: _gat_UA-2876877-9 Value: 1 |
|
.beneplace.com/ | Name: cf_clearance Value: Zbkd3fnDTeQffVdpHXR01woRQn_BXfYrpqWmzYFaKig-1706729601-1-Afj1WlesVaV4hdAvsaQ8vUUx/Jl0cStgKcdWqfilaj8O5Xgy5meDjs1qyDS3srKjICLZcLOXNk4w3XlWu1SFL1U= |
|
.rezync.com/ | Name: zync-uuid Value: 56e1f258-8c09-493d-9b2c-cdacc8b51620:1706729601.1725664 |
|
live.rezync.com/ | Name: sd-session-id Value: eyJfcGVybWFuZW50Ijp0cnVlLCJzZXNzaW9uX2lkIjoiNTZlMWYyNTgtOGMwOS00OTNkLTliMmMtY2RhY2M4YjUxNjIwOjE3MDY3Mjk2MDEuMTcyNTY2NCJ9.ZbqggQ.VtFGQznbPlB2FQNfDWQcrYhmwEw |
|
.adnxs.com/ | Name: XANDR_PANID Value: k2p0muK6rxIsmK35B-wLyZDGvBb4Lo2gke69Bhvqde8DARwY4Gh-PsXCQLBV7ocphvXZ-OhvwfqDztq3VkAKSrfnhGp0jgdQ-NJ8yq_fwvQ. |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.adnxs.com/ | Name: uuid2 Value: 4803748778772722710 |
|
.beneplace.com/ | Name: btIdentify Value: 72f0c4b1-2ccc-4d17-81ab-54a0cbf7896f |
|
.beneplace.com/ | Name: _bts Value: dbdbde22-5984-4a8d-9135-44bd7f7206fd |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4/8CxrEQF']wIg2Hb[JW1TU!1yIE'Yg-$0y=/d!!'5h$Z_8^ |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.doubleclick.net/ | Name: ar_debug Value: 1 |
|
.doubleclick.net/ | Name: receive-cookie-deprecation Value: 1 |
|
com-wag3.netmng.com/ | Name: evo5_WAG3 Value: nya8o8ebgadgg%7CO%7CWkVGaWN6QnRkR0ZVTWtoaVZWWm9jM05yWXl0VFUwSlNWa0pWVEdGNVJVbHhlbVJxYzBOMk5qZERkR1ZJYTBvNE1uaDRVR2hoTjBkMlJXWjNNbEFyUzJ4SE5YbzNkR1JJVW1KM1ZIbFRZMUZHYzNGNFUxZFFWMnhDYm10RmVURlFRVzh6WkRaelowUm9kM0pQUnl0aFlrOUhRM0pLZEdSaE9XVlRaelFyVEZKM05FWk9SWEpuZVc5TVJqZHJjRGhvWmxoUmJXUTNkbm95ZDJaS05HWm5Za1kzT1hOdk9Ea3JOemQyU0c1UEsxbzVjbXBtYTAxdWRXeExSbmxXYUdKcjp1MFFqM0lGczBIdFFNYkhwck5oR0NBPT0%3D |
|
.beneplace.com/ | Name: _bti Value: %7B%22app_id%22%3A%22ebg-wag3%22%2C%22bsin%22%3A%22otc2pYXCiRr7QrCuvmVcoSRrgxhODyyNTcdFCwivbq55Si6Hm2jWwuvHDxLD7UaLBw8c%2B8uPjZyTVqnLesZhVQ%3D%3D%22%2C%22is_identified%22%3Afalse%7D |
|
.beneplace.com/ | Name: _ga_2K753Z6D0L Value: GS1.2.1706729601.1.1.1706729602.0.0.0 |
|
.savings.beneplace.com/ | Name: split_test_groups Value: {} |
|
.beneplace.com/ | Name: _ga_FD2X5ZMELR Value: GS1.1.1706729600.1.1.1706729603.0.0.0 |
|
auth.savings.beneplace.com/ | Name: cf_chl_3 Value: 239abc1588a11e1 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-src *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com 'unsafe-inline' 'unsafe-eval' frame-ancestors 'self' *.beneplace.com:* *.workingadvantage.com:* *.ebgsolutions.com:* *.demdex.net:* *.everesttech.net:* *.adobedtm.com *.sc.omtrdc.net *.omtrdc.net *.qualtrics.com *.adobe.com *.keen.io *.youtube.com *.kaltura.com *.libertymutual.com |
Strict-Transport-Security | max-age=2592000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ad.doubleclick.net
adservice.google.com
assets.adobedtm.com
auth.savings.beneplace.com
bam.nr-data.net
cdn.boomtrain.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
challenges.cloudflare.com
com-wag3.netmng.com
dpm.demdex.net
events.api.boomtrain.com
fonts.gstatic.com
js-agent.newrelic.com
live.rezync.com
maps.googleapis.com
people.api.boomtrain.com
region1.google-analytics.com
secure.adnxs.com
smetrics.beneplace.com
stats.g.doubleclick.net
uson.savings.beneplace.com
www.google-analytics.com
www.googletagmanager.com
13.32.27.83
151.101.2.137
162.247.243.29
172.217.16.198
172.64.150.236
18.66.122.42
199.38.167.54
2001:4860:4802:32::36
2606:4700::6810:5814
2606:4700::6811:190e
2606:4700::6811:2b8
2a00:1450:4001:808::2008
2a00:1450:4001:809::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2003
2a00:1450:4001:829::200e
2a00:1450:400c:c0c::9d
2a02:26f0:3100:18c::1e80
3.223.177.182
34.241.81.135
37.252.171.21
52.45.70.255
63.140.62.17
0313ff313e24ddac9564c74aa33a4b9e7e383f1621b985720466454a3e1ded18
05632bd17ae6013db11864ba86f363756e305cd5a56ee788fe20774ed6c750f9
0f8ebc30899eb40dc08bb4de7e68953c83206792c3ec200f60464bed04966c52
144c8eb2b5ac64163e65528a33cf8173611882490e4d7d0af3ef958671be6f79
15ec705f37cf581b2862905c58e7d963334565af495c47207d296882b88ee5d4
170287bbbfc14739c9b3aa6ce30abb0669d418f01118028f4b06c198fdbdde1d
1da6ad9dfce9466037ec92e1f7699158c9a9347c669333c724f5cf6f3a7c0634
203a09ba5f459967203e02f9a932e7e39c79f875761031e7334e0a43530fa710
341083bce636014fe77945e54a94e8cce5c1a34cfe400bffe146af1e78e73cae
34ad1925015893a72041819ce524d1ca1194c87c3d1995a5cc57e0815bc345a0
353c49b0419dbcf31f807b3e3a7da77d2002837dc77b0d731d7aae8b287ed225
3b6461f55386a4ff356d1961c215ac39f0cd4955cd857d20ea567be15d5c7c9e
4403cd9a1a8cace9725a8bf898f9c1693dfee2fbd1f35ed0b273f8a260818024
462a66acbf50e933685e7587e9f1441df8225b2bb4d6b7bc5e757eccf4ff6575
46f16c323557a318dd6604bab3ebe8dbd9d23bc318b55eec33b0b0a4502c0bd1
4a6bf1aff55a8d5f1f584210d09008d014a04e6c5b1c9d1cd48fb30b6bbab98a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e1254ecd9c36e02437f35076e4f1efe6f3f2e86acaf8d63206eec8cc61ee168
51c28a44c986a235c6d74f2abfbafd9c9a01452515258628e10cbe3024c45a4e
55716bffdc0f21a432d17d79faa05016f3e172cb1287d48a819d6d6dc95ced2e
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5d159e233af5ec9cd87085dcb05d4212e0d28c5def84fb236bafb38a6c005518
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6bc181c119315e1aeb93533a86b27194ccd8d171a5d72c1ced438335608a6ef6
702a1f01de1e6ba80c1e16ef51ba924e1b90a206596b2b87360add10690fb7b9
7678fff11f92c598d89035e7f1e5ae839902925df05059daa23901b914765975
80e744f5d84732e49c10e20a1e8d9aa08c5d2ce899be1bacdbb5f57ed7391ccf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85e38bc08194b20e1a64cf3e9f1266dbb8498f72312bb2543b3314f05ad415dd
8860e7fef89219a219cb11d18bd8e4a322f32072613f86e935e7fe162ab69c04
8b78f6c2694ded95d29e65bb8299cd7817d76feaf57363c4eee7fc27faea9624
9219086b4f2c3bf77854b2e06ccd97ad32b9b7a140e65ff8b974a3bae6c7854c
92598de2d31f86547a73877fbbe8a510a42895e1f0ba3a6ab14a83d5df07a0c8
92bd012680fd71378eb436eb0feaaaef5e20f4aefee239e2a4b8955dd2677607
97bc08d6b6bf5af4d695f68afa6636543e36b0a2e7ea0187add5a3c12e4f70d4
ac3e5cf9dbf7e7d8afbde8193602e353a531e05ea3ed89990432248a8c73ee18
b40e5d49a5a4e45e5b1d129bbdc3f1f7b7ef4c464063147273a47e9f4aaf825e
bc49c009b33e66a59f057cf4ada682b80d4401d919ddf0f8d3ef2bb0415f0b23
bc83c7ec22a67fb4f4f9da76257b42c5329c0367f497ae5ffd532f4d065d3df2
c831a58c25f63105a06a622b3435bc6761474664f87e8e7b6ef8dccafa0d890f
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cbb3c795fd44c83a1200149b18e0df050fe228df4b5b03891373029117d8bd6b
cd6c50080cda668d0e858886b870ff15124d16be997d5b0d43e97d4788a20879
cdaf31a1071286676944848c1e53c284a611e39473e322a75caf358b1b24e19d
d4ae5188a65370ecfe28f42293bbee8297cfd5712c6aadfdb270d48f2bcd88b0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb14bf1316af1de9825f62d16139c334fffcb24cb29fa09ab74ce18bde24bffc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f77c0d1739b618edc4a01ca3f6b2990b01a3009030af49ee8cf68e83052df194
fec7f2071ca0271b74e9948b436226b4cf9e0ebad3263aac40f8169ddc9c2ffe