ncplans.retirepru.com
Open in
urlscan Pro
35.162.66.84
Public Scan
Submitted URL: http://d00vnd0m.r.us-east-1.awstrack.me/L0/www.ncplans.prudential.com/1/0100017a6a7bc216-a188e72b-2242-412d-907c-91590cd4601f-000000/otb...
Effective URL: https://ncplans.retirepru.com/
Submission: On July 05 via manual from US
Effective URL: https://ncplans.retirepru.com/
Submission: On July 05 via manual from US
Summary
This website contacted 17 IPs
in 5 countries
across 14 domains to perform 67 HTTP transactions.
The main IP is 35.162.66.84, located in
Boardman, United States and
belongs to AMAZON-02, US.
The main domain is ncplans.retirepru.com.
TLS certificate: Issued by Entrust Certification Authority - L1K on July 30th 2020. Valid for: a year.
This is the only time ncplans.retirepru.com was scanned on urlscan.io!
TLS certificate: Issued by Entrust Certification Authority - L1K on July 30th 2020. Valid for: a year.
This is the only time ncplans.retirepru.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
1
100.24.241.224
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-241-224.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-100-24-241-224.compute-1.amazonaws.com
| d00vnd0m.r.us-east-1.awstrack.me |
1
12.34.100.15
(United States)
ASN6253 (PRUASN, US)
PTR: prudential.com.mx
ASN6253 (PRUASN, US)
PTR: prudential.com.mx
| www.ncplans.prudential.com |
39
35.162.66.84
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-66-84.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-66-84.us-west-2.compute.amazonaws.com
| ncplans.retirepru.com |
1
13.224.193.8
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-8.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-8.fra2.r.cloudfront.net
| cdn.pficdn.com |
11
18.195.42.228
(Frankfurt am Main, Germany)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-42-228.eu-central-1.compute.amazonaws.com
| nexus.ensighten.com |
2
52.18.85.49
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-85-49.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
3
142.250.184.230
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f6.1e100.net
| fls.doubleclick.net | |
| 2988838.fls.doubleclick.net |
1
52.17.73.77
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-73-77.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-73-77.eu-west-1.compute.amazonaws.com
| prudential.demdex.net |
2
15.236.176.210
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
| prudential.sc.omtrdc.net |
1
54.171.42.33
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-42-33.eu-west-1.compute.amazonaws.com
| cm.everesttech.net |
1
23.45.99.241
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a23-45-99-241.deploy.static.akamaitechnologies.com
| tags.bluekai.com |
1
2a00:1450:4001:829::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
1
2a00:1450:4001:808::200e
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.google-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 39 |
retirepru.com
ncplans.retirepru.com |
4 MB |
| 11 |
ensighten.com
nexus.ensighten.com |
173 KB |
| 4 |
doubleclick.net
1 redirects
fls.doubleclick.net 2988838.fls.doubleclick.net stats.g.doubleclick.net |
2 KB |
| 3 |
demdex.net
dpm.demdex.net prudential.demdex.net |
5 KB |
| 2 |
google-analytics.com
www.google-analytics.com |
19 KB |
| 2 |
google.com
adservice.google.com www.google.com |
622 B |
| 2 |
omtrdc.net
prudential.sc.omtrdc.net |
543 B |
| 1 |
google.de
www.google.de |
107 B |
| 1 |
bluekai.com
tags.bluekai.com |
648 B |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net |
517 B |
| 1 |
pficdn.com
cdn.pficdn.com |
40 KB |
| 1 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
5 KB |
| 1 |
prudential.com
www.ncplans.prudential.com |
388 B |
| 1 |
awstrack.me
1 redirects
d00vnd0m.r.us-east-1.awstrack.me |
142 B |
| 67 | 14 |
| Domain | Requested by | |
|---|---|---|
| 39 | ncplans.retirepru.com |
ncplans.retirepru.com
|
| 11 | nexus.ensighten.com |
ncplans.retirepru.com
nexus.ensighten.com |
| 2 | www.google-analytics.com |
nexus.ensighten.com
|
| 2 | 2988838.fls.doubleclick.net |
1 redirects
nexus.ensighten.com
|
| 2 | prudential.sc.omtrdc.net |
nexus.ensighten.com
ncplans.retirepru.com |
| 2 | dpm.demdex.net |
nexus.ensighten.com
ncplans.retirepru.com |
| 1 | www.google.de | |
| 1 | www.google.com | |
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | tags.bluekai.com |
nexus.ensighten.com
|
| 1 | adservice.google.com |
2988838.fls.doubleclick.net
|
| 1 | cm.everesttech.net | 1 redirects |
| 1 | prudential.demdex.net |
nexus.ensighten.com
|
| 1 | fls.doubleclick.net |
www.ncplans.prudential.com
|
| 1 | cdn.pficdn.com |
ncplans.retirepru.com
|
| 1 | maxcdn.bootstrapcdn.com |
ncplans.retirepru.com
|
| 1 | www.ncplans.prudential.com | |
| 1 | d00vnd0m.r.us-east-1.awstrack.me | 1 redirects |
| 67 | 18 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.prudential.com |
| ssologin.prudential.com |
| www.retirepru.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| ncplans.retirepru.com Entrust Certification Authority - L1K |
2020-07-30 - 2021-07-30 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-03-01 - 2022-02-28 |
a year | crt.sh |
| cdn.prudential.com Entrust Certification Authority - L1K |
2020-08-17 - 2021-08-17 |
a year | crt.sh |
| nexus.ensighten.com DigiCert SHA2 Secure Server CA |
2020-09-09 - 2021-10-11 |
a year | crt.sh |
| *.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
| *.sc.omtrdc.net DigiCert SHA2 High Assurance Server CA |
2020-10-29 - 2021-11-29 |
a year | crt.sh |
| *.google.com GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
| odc-pixel-prod-01.oracle.com DigiCert SHA2 Secure Server CA |
2021-04-25 - 2022-04-26 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1O1 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2021-06-07 - 2021-08-30 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://ncplans.retirepru.com/
Frame ID: 1B9518582284545F3FF43AD6395BDC37
Requests: 65 HTTP requests in this frame
Frame:
https://prudential.demdex.net/dest5.html?d_nsid=0
Frame ID: FF89369630B5E7CC270950B44208151D
Requests: 1 HTTP requests in this frame
Frame:
https://2988838.fls.doubleclick.net/activityi;dc_pre=CIjh2vXPzPECFet_0wodKo4Pww;src=2988838;type=global;cat=unive0;u4=62820647486290749500980870098427354822;u5=;u6=https://ncplans.retirepru.com/;u7=PageLoad;u11=ncplans.retirepru.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5932288562731.111
Frame ID: F78BA77CD87A103F0D96427EBE1C3368
Requests: 2 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://d00vnd0m.r.us-east-1.awstrack.me/L0/www.ncplans.prudential.com/1/0100017a6a7bc216-a188e72b-2242-412d-907c-915...
HTTP 302
http://www.ncplans.prudential.com/ Page URL
- https://ncplans.retirepru.com/ Page URL
Detected technologies
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
- script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Apache
(Web Servers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
DoubleClick Floodlight
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /https?:\/\/fls\.doubleclick\.net/i
Ensighten
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/nexus\.ensighten\.com\//i
Font Awesome
(Font Scripts)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
4 Outgoing links
These are links going to different origins than the main page.
URL: http://www.prudential.com/online/retirement
Title: Log inopens in new window
Title: Log inopens in new window
Search URL Search Domain Scan URL
URL: https://ssologin.prudential.com/app/rsosponsor/Login.fcc?TYPE=33554433&REALMOID=06-0002cbb6-1816-1e68-a336-669030a0f014&GUID=&SMAUTHREASON=0&METHOD=GET&SMAGENTNAME=rsosponsor&TARGET=-SM-https%3a%2f%2frsosponsor%2eprudential%2ecom%2fsponsor
Title: Employer Log Inopens in new window
Title: Employer Log Inopens in new window
Search URL Search Domain Scan URL
URL: http://www.retirepru.com/privacy
Title: Privacy Centeropens in new window
Title: Privacy Centeropens in new window
Search URL Search Domain Scan URL
URL: http://www.prudential.com/accessibilityhelp
Title: Accessibility Help opens in new window
Title: Accessibility Help opens in new window
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://d00vnd0m.r.us-east-1.awstrack.me/L0/www.ncplans.prudential.com/1/0100017a6a7bc216-a188e72b-2242-412d-907c-91590cd4601f-000000/otbT-zlkafyoWriWHccYh8XOvsc=225
HTTP 302
http://www.ncplans.prudential.com/ Page URL
- https://ncplans.retirepru.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://d00vnd0m.r.us-east-1.awstrack.me/L0/www.ncplans.prudential.com/1/0100017a6a7bc216-a188e72b-2242-412d-907c-91590cd4601f-000000/otbT-zlkafyoWriWHccYh8XOvsc=225 HTTP 302
- http://www.ncplans.prudential.com/
- https://cm.everesttech.net/cm/dd?d_uuid=63113094197123671190947135571544961231 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YONYEwAAAFSyxwhv
- https://2988838.fls.doubleclick.net/activityi;src=2988838;type=global;cat=unive0;u4=62820647486290749500980870098427354822;u5=;u6=https://ncplans.retirepru.com/;u7=PageLoad;u11=ncplans.retirepru.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5932288562731.111 HTTP 302
- https://2988838.fls.doubleclick.net/activityi;dc_pre=CIjh2vXPzPECFet_0wodKo4Pww;src=2988838;type=global;cat=unive0;u4=62820647486290749500980870098427354822;u5=;u6=https://ncplans.retirepru.com/;u7=PageLoad;u11=ncplans.retirepru.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5932288562731.111
67 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
 Cookie set
/
www.ncplans.prudential.com/ Redirect Chain
|
117 B 388 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Primary Request
/
ncplans.retirepru.com/ |
22 KB 8 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap.css
ncplans.retirepru.com/_Assets/css/ |
143 KB 31 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ |
23 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
ncplans.retirepru.com/_Assets/css/ |
41 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tk.css
ncplans.retirepru.com/_Assets/css/ |
11 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
playbook.min.css
ncplans.retirepru.com/_Assets/css/ |
262 KB 61 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
accordian.css
ncplans.retirepru.com/_Assets/css/ |
3 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
carousel.css
ncplans.retirepru.com/_Assets/css/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
table.css
ncplans.retirepru.com/_Assets/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bootstrap-accessibility.css
ncplans.retirepru.com/_Assets/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modal.css
ncplans.retirepru.com/_Assets/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
investments.css
ncplans.retirepru.com/_Assets/css/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
investments-pagetable.css
ncplans.retirepru.com/_Assets/css/ |
2 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
ncplans.retirepru.com/_Assets/js/ |
94 KB 42 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pru-strap.min.js
cdn.pficdn.com/pru-strap/1.2.0/assets/ |
122 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Bootstrap.js
nexus.ensighten.com/prudential/production/ |
65 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
nc-tri-logo.png
ncplans.retirepru.com/_Assets/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
carousel_1.jpg
ncplans.retirepru.com/_Assets/images/carousel/ |
561 KB 562 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
carousel_2.jpg
ncplans.retirepru.com/_Assets/images/carousel/ |
749 KB 750 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Dale-Folwell.jpg
ncplans.retirepru.com/_Assets/images/counselors/ |
7 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
signature.png
ncplans.retirepru.com/_Assets/images/ |
9 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
NC3Q20_1200x670.jpg
ncplans.retirepru.com/_Assets/images/ |
371 KB 371 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
news_2.jpg
ncplans.retirepru.com/_Assets/images/ |
184 KB 184 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
news_3.jpg
ncplans.retirepru.com/_Assets/images/ |
218 KB 218 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
news_4.jpg
ncplans.retirepru.com/_Assets/images/ |
713 KB 714 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
news_5.jpg
ncplans.retirepru.com/_Assets/images/ |
670 KB 670 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
news_6.jpg
ncplans.retirepru.com/_Assets/images/ |
46 KB 46 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
trees.gif
ncplans.retirepru.com/_Assets/images/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
copyright.js
ncplans.retirepru.com/_Assets/js/ |
5 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
979 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
color_bar2.gif
ncplans.retirepru.com/_Assets/images/ |
46 B 317 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
opensans-regular-webfont.woff2
ncplans.retirepru.com/_Assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sun-bold-webfont.woff2
ncplans.retirepru.com/_Assets/fonts/sun-bold/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fontawesome-webfont.woff2
ncplans.retirepru.com/_Assets/fonts/ |
75 KB 76 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prudentialmodern-boldsemcon-webfont.woff
ncplans.retirepru.com/_Assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sun-regular-webfont.woff2
ncplans.retirepru.com/_Assets/fonts/sun-regular/ |
23 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
opensans-bold-webfont.woff2
ncplans.retirepru.com/_Assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
serverComponent.php
nexus.ensighten.com/prudential/production/ |
1 KB 603 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adee10f75979f9fe74716858eb0913ca.js
nexus.ensighten.com/prudential/production/code/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ac440ddaddb92a3b397f5baa4faf1ed1.js
nexus.ensighten.com/prudential/production/code/ |
319 B 501 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
01495557afba9c4ac0a554459f62cded.js
nexus.ensighten.com/prudential/production/code/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
89880e074823eca3ed7d7d18f87d4377.js
nexus.ensighten.com/prudential/production/code/ |
291 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f2cd6e35e4659fb96760b64b80950511.js
nexus.ensighten.com/prudential/production/code/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
8b031a3bcd45b346b87eba879d96c90a.js
nexus.ensighten.com/prudential/production/code/ |
128 KB 42 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b28cd30861758d869236eb57f864e43f.js
nexus.ensighten.com/prudential/production/code/ |
79 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
7a45105d2f930cfba9692c8f9d725c61.js
nexus.ensighten.com/prudential/production/code/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
369 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
fls.doubleclick.net/ |
40 B 740 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
opensans-regular-webfont.woff
ncplans.retirepru.com/_Assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
prudentialmodern-boldsemcon-webfont.ttf
ncplans.retirepru.com/_Assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
prudential.demdex.net/ Frame FF89 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
prudential.sc.omtrdc.net/ |
2 B 321 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=YONYEwAAAFSyxwhv
dpm.demdex.net/ Redirect Chain
|
42 B 956 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
opensans-bold-webfont.woff
ncplans.retirepru.com/_Assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
opensans-regular-webfont.ttf
ncplans.retirepru.com/_Assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s08621417431401
prudential.sc.omtrdc.net/b/ss/prudentialusprod/1/JS-2.8.2/ |
43 B 222 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
;u7=PageLoad;u11=ncplans.retirepru.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5932288562731.111
2988838.fls.doubleclick.net/activityi;dc_pre=CIjh2vXPzPECFet_0wodKo4Pww;src=2988838;type=global;cat=unive0;u4=62820647486290749500980870098427354822;u5=;u6=https://ncplans.retirepru.com/ Frame F78B Redirect Chain
|
511 B 419 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
e.gif
nexus.ensighten.com/error/ |
0 106 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
opensans-bold-webfont.ttf
ncplans.retirepru.com/_Assets/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
;u7=PageLoad;u11=ncplans.retirepru.com;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=1;num=5932288562731.111
adservice.google.com/ddm/fls/z/dc_pre=CIjh2vXPzPECFet_0wodKo4Pww;src=2988838;type=global;cat=unive0;u4=62820647486290749500980870098427354822;u5=;u6=https://ncplans.retirepru.com/ Frame F78B |
42 B 515 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
53831
tags.bluekai.com/site/ |
41 B 648 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 19 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 92 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
carousel_2.jpg
ncplans.retirepru.com/_Assets/images/carousel/ |
749 KB 750 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
74 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated function| $ function| jQuery function| svg4everybody function| myFunction object| ensBootstraps object| Bootstrapper function| copyright function| disclosures function| logo number| _delay function| waitQueue string| customPageName object| adobe function| Visitor object| s_c_il number| s_c_in object| visitor string| sName string| s_baseCodeVersion string| chkHost string| s_account object| s object| dfaConfig function| s_doPlugins function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq boolean| botTestVar object| s_Integrate_DFA string| v number| s_objectID number| s_giq undefined| adobeMCVID object| s_3_Integrate_DFA_get_0 string| ref string| x string| y object| s_Obj string| s_PPVid function| s_PPVevent number| s_PPVi number| s_PPVt string| pruID string| retirementID string| annuitiesID string| pruonlineID string| groupID string| otherUserID string| otherUserIDType object| s_i_prudentialusprod object| publisherFW object| prodArray string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| bk_results11 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .retirepru.com/ | Name: s_ppvl Value: ncplans.retirepru%2C54%2C54%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP |
|
| .retirepru.com/ | Name: AMCV_A3F5A8DC5886052D0A495CC3%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18814%7CMCMID%7C62820647486290749500980870098427354822%7CMCAAMLH-1626116755%7C6%7CMCAAMB-1626116755%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1625519155s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-18821%7CvVersion%7C4.4.0 |
|
| .demdex.net/ | Name: demdex Value: 63113094197123671190947135571544961231 |
|
| .retirepru.com/ | Name: s_ppv Value: ncplans.retirepru%2C47%2C47%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CP |
|
| .retirepru.com/ | Name: analyticsAuth Value: 0 |
|
| .retirepru.com/ | Name: gpv_pn Value: ncplans.retirepru |
|
| .retirepru.com/ | Name: s_getNewRepeat Value: 1625511955780-New |
|
| .retirepru.com/ | Name: s_cc Value: true |
|
| .retirepru.com/ | Name: AMCVS_A3F5A8DC5886052D0A495CC3%40AdobeOrg Value: 1 |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUktt2yvDqRJf1z-Y9JhlpXnm--EoC7ZMZPT-8BcKEr_NKeSZWe7GMkTne_Nxew |
|
| .retirepru.com/ | Name: s_dfa Value: prudentialusprod |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
2988838.fls.doubleclick.net
adservice.google.com
cdn.pficdn.com
cm.everesttech.net
d00vnd0m.r.us-east-1.awstrack.me
dpm.demdex.net
fls.doubleclick.net
maxcdn.bootstrapcdn.com
ncplans.retirepru.com
nexus.ensighten.com
prudential.demdex.net
prudential.sc.omtrdc.net
stats.g.doubleclick.net
tags.bluekai.com
www.google-analytics.com
www.google.com
www.google.de
www.ncplans.prudential.com
100.24.241.224
12.34.100.15
13.224.193.8
142.250.184.230
15.236.176.210
18.195.42.228
23.45.99.241
2606:4700::6812:bcf
2a00:1450:4001:801::2002
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:400c:c08::9a
35.162.66.84
52.17.73.77
52.18.85.49
54.171.42.33
0d1a9ec24e4c807938c6f1f3a00544568e69894131fee3a9289a45cf51b4c8dd
13e0cb4092a4c22d8971b061835ce16262a8062033ffce1f96fc6092edb8eda2
17707ada4057fda11a930f009b85381ce2a869bdc3e8e68af2fd7e0c4ad8ba9a
1ae94bedbed0a73ada194fc883dd3c4c45ae9bf3d5410237e371dfe4cf7e645e
1d04d95a4136f8118036456e776dd95e6b50cae95d8c92f2d392927dab140f73
24cf9dc80d3f1ef962f5328c4a93c958487be180ed91881870f50b6454d3f0cd
290fc06c631c246b818f7ccc5d28481a3c84ff6253e87a7540e0479a0167d6ee
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d1a3086dbd15766e91b62cc9171d84fdab91a71d625eff5cb9751d57c3c2ba6
2e2455749dc83c20862f2a0a0567f793cb60a3bc50acb6aab5dbd90b4a7fa4e3
3bed91a15389a18e79787b146141131b56cf9e55254d4512207d24604905cebc
433cf4d1688763e2c82300cc776ae2dc550ce1f9792ee44a60c56e45aa8b4685
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4904b788d9dbaf992b88c68c9edc00c73789524ae362d9548b31361e2b630320
4a866b9f3bde5707be52272f16c1d2575a3275e6ba91bf329b206c32f622d5f8
524a04e7d3029a2a30ba3642755d8a55c228b99139145dbc5ba4772083b24eaf
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
638e9d3dd7657a30378a4b3a46803ae9c6ee63be3948fa59340b49b9e8c488ad
68c199759ed1cc8f47b5d525b9ab61de5eca8f9b2d1b53a61bf31a786a04f385
6bcc314973a308e053772dff90eeb348e4ffb18adef5e6b0ae6333335cfb3c12
6bd280845d78c807260333c605197373fe819131a68207f153516c00b2d96113
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
79c55691a6058496cbd1ed1e3fba9d7dccc0674fe194a4869e16e00f269b3608
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
95c66f514a2f1792e0d4c28f112853b26547d82499f7a518eb7455b17e55be8c
9c9ff2b033f017b35d86896d800137de590de6666f4bdde5465f67b78d1c81ee
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a626e4c140a77dd5f794704a146d0dfe523803d26bedfa2b20192e77d80a1aad
ab6b7549fdd0eac43feb6eb46dca9dad9cbcd58decf7dbfca823f03dfa083999
b39907f52c967a64176cc0b298354194ce8ecdb94d91d1c6d7afdd41945e1d37
b629b5981944d5162cf162e8491542cfd9eff3ed1d5a4c055448a8b409c2d3c0
b825afcfa192b99f790e7ab8dce5d62b791d83f8b065505d70df41473e306826
bdeb81e48cdd8d3aba284f691474b1dad5542bcb92c7d0a9a67f40fbaeb0951f
bed13ddac6ae99fe9db8b0bc64d7a9392b93cf5e29eaf8741e99a0d087eba0a7
c907f8cfc67b665e3983d126ba1a0a4c565ae7d697369cef586041c526a13904
cd3439e083a546371fb3a0d1f730d7b6b832a33df6b88e92e11ed9d5a93f8f21
daeee877b1ce25783c3613b335f1f4058ec41f6d7ac7d5b3c9aaf60e22b213df
e0d882aab317678f7c64226ac1bd3fa3995fe2d8ef35716d328732683eac3151
e17d5cd8588bfc22c2a5b7d67e559d060d0583f9ca40ba1d35451cc06bc99708
e32a6ae5e43f7f652674e0f03dc23f86839f839b29ee4e63c01c93da180bb0d0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7617f73ef8640e75c3467fc7a6f11f2230058388f9d249cfecead2a38111801
e85e5f47d3d5f981dc56c31973759f4d2f9b077a7e7059cb0be8eabc1fb4b79e
eabef07896f7909734598848e100eee099119ce18f3d3bba4a102b5796d95187
ec81801b465bf4433560bbd599aabdf985307a193347c6d10efaa1bf83adb59f
ec9546796627d618fed96e15e33d47d2fef44b219b61a0b4f1883ee0a303b690
ecbed110e9ad21944c28be876b8a54ab8f77ae11f284b66fbb0197eed03f4828
ee8eb22faea53a894017bb75f742f07bdad16595d06cdee1d25dc7db26ea8e84
eeee99c6d77768ebca687745aa0c9aa342439adaa4cc64e874d8839e723e6fdf
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f776df1c419dd5717af6aeab07f4597e55d8d7564ff70cccd590fe4dbc6065a9
fa165d209684c6a3ed3330ad40f7bfcc688d16bf57d3ec53ac92b8925b695a71
fc9cc6050cb99e5097549d04e20272c825e728bce705dee95c621f87499dc2eb