secure.califbankus.com
Open in
urlscan Pro
198.23.58.63
Public Scan
URL:
https://secure.califbankus.com/
Submission: On September 20 via automatic, source certstream-urgent — Scanned from DE
Submission: On September 20 via automatic, source certstream-urgent — Scanned from DE
Summary
This website contacted 14 IPs
in 4 countries
across 13 domains to perform 50 HTTP transactions.
The main IP is 198.23.58.63, located in
United States and
belongs to STEADFAST, US.
The main domain is secure.califbankus.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 13th 2021. Valid for: 3 months.
This is the only time secure.califbankus.com was scanned on urlscan.io!
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 13th 2021. Valid for: 3 months.
This is the only time secure.califbankus.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
33
198.23.58.63
(United States)
ASN32748 (STEADFAST, US)
PTR: thedigitalisbetter.com
ASN32748 (STEADFAST, US)
PTR: thedigitalisbetter.com
| secure.califbankus.com |
1
104.111.248.106
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-106.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-248-106.deploy.static.akamaitechnologies.com
| sjs.bizographics.com |
3
142.250.185.166
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net
| 4808300.fls.doubleclick.net |
2
108.174.11.37
(United States)
ASN14413 (LINKEDIN, US)
PTR: 108-174-11-37.fwd.linkedin.com
ASN14413 (LINKEDIN, US)
PTR: 108-174-11-37.fwd.linkedin.com
| px.ads.linkedin.com |
1
142.250.185.194
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
| adservice.google.com |
1
104.207.158.220
(Seattle, United States)
ASN20473 (AS-CHOOPA, US)
PTR: 104.207.158.220.vultr.com
ASN20473 (AS-CHOOPA, US)
PTR: 104.207.158.220.vultr.com
| www.mnixpixel.com |
2
15.236.176.210
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com
| 102.112.2o7.net |
2
142.250.186.72
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net
| ssl.google-analytics.com |
1
142.251.5.157
(United States)
ASN15169 (GOOGLE, US)
PTR: wg-in-f157.1e100.net
ASN15169 (GOOGLE, US)
PTR: wg-in-f157.1e100.net
| stats.g.doubleclick.net |
1
142.250.185.132
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f4.1e100.net
| www.google.com |
1
13.225.84.220
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-220.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-84-220.fra2.r.cloudfront.net
| d10lpsik1i8c69.cloudfront.net |
6
13.224.193.18
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-18.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-18.fra2.r.cloudfront.net
| s.adroll.com |
1
52.19.99.3
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-99-3.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-99-3.eu-west-1.compute.amazonaws.com
| d.adroll.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 33 |
califbankus.com
secure.califbankus.com |
1 MB |
| 7 |
adroll.com
2 redirects
s.adroll.com d.adroll.com |
49 KB |
| 4 |
doubleclick.net
2 redirects
4808300.fls.doubleclick.net stats.g.doubleclick.net |
2 KB |
| 3 |
linkedin.com
2 redirects
px.ads.linkedin.com www.linkedin.com |
3 KB |
| 2 |
google-analytics.com
1 redirects
ssl.google-analytics.com |
17 KB |
| 2 |
2o7.net
1 redirects
102.112.2o7.net |
917 B |
| 2 |
google.com
1 redirects
adservice.google.com www.google.com |
1 KB |
| 1 |
gwallet.com
rs.gwallet.com |
385 B |
| 1 |
cloudfront.net
d10lpsik1i8c69.cloudfront.net |
93 KB |
| 1 |
luckyorange.net
settings.luckyorange.net |
745 B |
| 1 |
luckyorange.com
ssl.luckyorange.com |
3 KB |
| 1 |
mnixpixel.com
www.mnixpixel.com |
287 B |
| 1 |
bizographics.com
sjs.bizographics.com |
2 KB |
| 50 | 13 |
| Domain | Requested by | |
|---|---|---|
| 33 | secure.califbankus.com |
secure.califbankus.com
|
| 6 | s.adroll.com |
2 redirects
secure.califbankus.com
s.adroll.com |
| 3 | 4808300.fls.doubleclick.net |
1 redirects
secure.califbankus.com
4808300.fls.doubleclick.net |
| 2 | ssl.google-analytics.com |
1 redirects
secure.califbankus.com
|
| 2 | 102.112.2o7.net |
1 redirects
secure.califbankus.com
|
| 2 | px.ads.linkedin.com |
1 redirects
secure.califbankus.com
|
| 1 | d.adroll.com |
s.adroll.com
|
| 1 | rs.gwallet.com |
4808300.fls.doubleclick.net
|
| 1 | d10lpsik1i8c69.cloudfront.net |
ssl.luckyorange.com
|
| 1 | settings.luckyorange.net |
ssl.luckyorange.com
|
| 1 | www.google.com |
secure.califbankus.com
|
| 1 | stats.g.doubleclick.net | 1 redirects |
| 1 | ssl.luckyorange.com |
secure.califbankus.com
|
| 1 | www.mnixpixel.com |
4808300.fls.doubleclick.net
|
| 1 | adservice.google.com | 1 redirects |
| 1 | www.linkedin.com | 1 redirects |
| 1 | sjs.bizographics.com |
secure.califbankus.com
|
| 50 | 17 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| secure.califbankus.com cPanel, Inc. Certification Authority |
2021-08-13 - 2021-11-11 |
3 months | crt.sh |
| js.bizographics.com DigiCert SHA2 Secure Server CA |
2020-03-23 - 2022-03-28 |
2 years | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
| px.ads.linkedin.com DigiCert SHA2 Secure Server CA |
2021-09-16 - 2022-03-16 |
6 months | crt.sh |
| *.mnixpixel.com R3 |
2021-08-23 - 2021-11-21 |
3 months | crt.sh |
| *.112.2o7.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-04-14 - 2022-04-20 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-07-10 - 2022-07-09 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2021-08-30 - 2021-11-22 |
3 months | crt.sh |
| *.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
| *.gwallet.com Sectigo RSA Domain Validation Secure Server CA |
2021-07-27 - 2022-08-27 |
a year | crt.sh |
| s.adroll.com Amazon |
2021-08-02 - 2022-08-31 |
a year | crt.sh |
| adroll.mgr.consensu.org Amazon |
2021-09-09 - 2022-10-08 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://secure.califbankus.com/
Frame ID: 7639D28E65EE834AC68BF0ED63B05F6B
Requests: 45 HTTP requests in this frame
Frame:
https://4808300.fls.doubleclick.net/activityi;dc_pre=CJivgeKhjvMCFVGAUQodkecLmQ;src=4808300;type=homep;cat=cbt_h0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3575775053100.971
Frame ID: 8145EA8C173A20215D6150E23E03CD82
Requests: 1 HTTP requests in this frame
Frame:
https://4808300.fls.doubleclick.net/ddm/fls/r/dc_pre=CJivgeKhjvMCFVGAUQodkecLmQ;src=4808300;type=homep;cat=cbt_h0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3575775053100.971;~oref=https://secure.califbankus.com/
Frame ID: E485035FC6DEF0C86695648255DF7B45
Requests: 3 HTTP requests in this frame
Frame:
https://d10lpsik1i8c69.cloudfront.net/js/clickstream.js?v=3f719ce
Frame ID: 66543E6159BFFE07DAFC918A7D4DE574
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Business, Commercial, Personal Banking | California Bank & TrustDetected technologies
AdRoll
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- (?:a|s)\.adroll\.com
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Modernizr
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
- jquery[.-]([\d.]*\d)[^/]*\.js
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 27- https://4808300.fls.doubleclick.net/activityi;src=4808300;type=homep;cat=cbt_h0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3575775053100.971 HTTP 302
- https://4808300.fls.doubleclick.net/activityi;dc_pre=CJivgeKhjvMCFVGAUQodkecLmQ;src=4808300;type=homep;cat=cbt_h0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3575775053100.971
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7021&time=1632165355872&url=https%3A%2F%2Fsecure.califbankus.com%2F HTTP 302
- https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D7021%26time%3D1632165355872%26url%3Dhttps%253A%252F%252Fsecure.califbankus.com%252F%26liSync%3Dtrue HTTP 302
- https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=7021&time=1632165355872&url=https%3A%2F%2Fsecure.califbankus.com%2F&liSync=true
- https://adservice.google.com/ddm/fls/i/dc_pre=CJivgeKhjvMCFVGAUQodkecLmQ;src=4808300;type=homep;cat=cbt_h0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3575775053100.971;~oref=https://secure.califbankus.com/ HTTP 302
- https://4808300.fls.doubleclick.net/ddm/fls/r/dc_pre=CJivgeKhjvMCFVGAUQodkecLmQ;src=4808300;type=homep;cat=cbt_h0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3575775053100.971;~oref=https://secure.califbankus.com/
- https://102.112.2o7.net/b/ss/cabank/1/G.2-Xpd-S/s64039607982748?[AQB]&ndh=1&t=20/8/2021%2019%3A15%3A56%201%200&g=https%3A//secure.califbankus.com/&s=1600x1200&c=24&j=1.3&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&[AQE] HTTP 302
- https://102.112.2o7.net/b/ss/cabank/1/G.2-Xpd-S/s64039607982748?AQB=1&pccr=true&&ndh=1&t=20/8/2021%2019%3A15%3A56%201%200&g=https%3A//secure.califbankus.com/&s=1600x1200&c=24&j=1.3&v=N&k=Y&bw=1600&bh=1200&p=Chrome%20PDF%20Plugin%3BChrome%20PDF%20Viewer%3BNative%20Client%3B&AQE=1
- https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1392740943&utmhn=secure.califbankus.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Business%2C%20Commercial%2C%20Personal%20Banking%20%7C%20California%20Bank%20%26%20Trust&utmhid=896828464&utmr=-&utmp=%2F&utmht=1632165356231&utmac=UA-8614431-1&utmcc=__utma%3D172295585.1742336128.1632165356.1632165356.1632165356.1%3B%2B__utmz%3D172295585.1632165356.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1100831290&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-8614431-1&cid=1742336128.1632165356&jid=1100831290&_v=5.7.2&z=1392740943 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-8614431-1&cid=1742336128.1632165356&jid=1100831290&_v=5.7.2&z=1392740943
- https://s.adroll.com/j/exp/OVUE32ORBJB7HN6WWCQI6M/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://s.adroll.com/j/pre/OVUE32ORBJB7HN6WWCQI6M/Z2OI64Y6KVAEPAP7MCX4Z5/fpconsent.js HTTP 302
- https://s.adroll.com/j/pre/index.js
50 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
secure.califbankus.com/ |
16 KB 5 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
normalize.min.css
secure.califbankus.com/application/themes/calbanktrust/css/ |
2 KB 974 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fonts.css
secure.califbankus.com/application/themes/calbanktrust/css/ |
4 KB 564 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main.css
secure.califbankus.com/application/themes/calbanktrust/css/ |
44 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modernizr-2.6.2.min.js
secure.califbankus.com/application/themes/calbanktrust/js/vendor/ |
16 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iMAWebCookie0e82.js
secure.califbankus.com/www.sc.pages05.net/lp/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
metrics2.js
secure.califbankus.com/zmetrics/ |
167 B 222 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
retention.js
secure.califbankus.com/ |
15 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
logo.png
secure.califbankus.com/application/themes/calbanktrust/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
337.png
secure.califbankus.com/contentAsset/image/415efce9-f414-445f-86fd-bdb54b812bc1/image/byInode/1/filter/Resize/resize_w/710/resize_h/ |
311 KB 311 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
337.png
secure.califbankus.com/contentAsset/image/adcb0550-f881-4300-822b-0af311181eef/image/byInode/1/filter/Resize/resize_w/710/resize_h/ |
289 KB 290 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
337.png
secure.califbankus.com/contentAsset/image/7f29dd60-1550-4e7e-aa62-3afb4cf02cca/image/byInode/1/filter/Resize/resize_w/710/resize_h/ |
330 KB 330 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
newsletter-footer-banner-20164ff1.jpg
secure.califbankus.com/contentAsset/raw-data/62905933-52fc-40f3-8740-34a8cec00f67/image/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
Equal_Housing_Lender.png
secure.califbankus.com/application/themes/calbanktrust/images/ |
383 B 426 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
jquery.min.js
secure.califbankus.com/ajax.googleapis.com/ajax/libs/jquery/1.9.1/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
plugins.js
secure.califbankus.com/application/themes/calbanktrust/js/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
main.js
secure.califbankus.com/application/themes/calbanktrust/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
omniture.js
secure.califbankus.com/application/themes/calbanktrust/js/ |
12 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
checkbf05.js
secure.califbankus.com/w3.calbanktrust.com/fp/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
bg_body.gif
secure.califbankus.com/application/themes/calbanktrust/images/ |
53 B 94 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
PTSansRegular.woff
secure.califbankus.com/application/themes/calbanktrust/fonts/ |
59 KB 59 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
iMAWebCookie0e82.js
secure.califbankus.com/www.sc.pages05.net/lp/static/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
bg_mast.jpg
secure.califbankus.com/application/themes/calbanktrust/images/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
sprite_loginArrows.png
secure.califbankus.com/application/themes/calbanktrust/images/ |
461 B 504 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
bg_content_lines.jpg
secure.califbankus.com/application/themes/calbanktrust/images/ |
648 B 691 B |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
PTSansBold.woff
secure.califbankus.com/application/themes/calbanktrust/fonts/ |
61 KB 62 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
QuattrocentoSans-Regular-webfont.woff
secure.califbankus.com/application/themes/calbanktrust/fonts/ |
15 KB 15 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
insight.min.js
sjs.bizographics.com/ |
5 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
activityi;dc_pre=CJivgeKhjvMCFVGAUQodkecLmQ;src=4808300;type=homep;cat=cbt_h0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3575775053100.971
4808300.fls.doubleclick.net/ Frame 8145 Redirect Chain
|
493 B 406 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
jquery.min.js
secure.califbankus.com/ajax.googleapis.com/ajax/libs/jquery/1.9.1/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
GandhiSerif-Regular-webfont.woff
secure.califbankus.com/application/themes/calbanktrust/fonts/ |
19 KB 19 KB |
Font
font/woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
px.ads.linkedin.com/ Redirect Chain
|
0 57 B |
Image
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
/
4808300.fls.doubleclick.net/ddm/fls/r/dc_pre=CJivgeKhjvMCFVGAUQodkecLmQ;src=4808300;type=homep;cat=cbt_h0;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=3575775053100.971;~oref=https://secu... Frame E485 Redirect Chain
|
606 B 443 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
jquery-1.9.1.min.js
secure.califbankus.com/application/themes/calbanktrust/js/vendor/ |
90 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
743421
www.mnixpixel.com/rt/ Frame E485 |
0 287 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
p0.js
secure.califbankus.com/metrics/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s64039607982748
102.112.2o7.net/b/ss/cabank/1/G.2-Xpd-S/ Redirect Chain
|
43 B 295 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
w.js
ssl.luckyorange.com/ |
5 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
checkbf05.js
secure.califbankus.com/w3.calbanktrust.com/fp/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
clear7593.png
secure.califbankus.com/w3.calbanktrust.com/fp/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ Redirect Chain
|
42 B 522 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
settings.luckyorange.net/ |
25 B 745 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clickstream.js
d10lpsik1i8c69.cloudfront.net/js/ Frame 6654 |
287 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
x44276r719387025
rs.gwallet.com/r1/pixel/ Frame E485 |
43 B 385 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
44 KB 45 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 749 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/pre/ Redirect Chain
|
0 720 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
index.js
s.adroll.com/j/pre/OVUE32ORBJB7HN6WWCQI6M/Z2OI64Y6KVAEPAP7MCX4Z5/ |
0 781 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
OVUE32ORBJB7HN6WWCQI6M
d.adroll.com/consent/check/ |
394 B 487 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
331 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| onbeforexrselect boolean| originAgentCluster object| Modernizr object| html5 function| yepnope function| pCallback function| firePixels string| _bizo_data_partner_id string| axel number| a function| lintrk boolean| _already_called_lintrk function| $ function| jQuery function| parseUri function| init function| initLogin function| padString function| ieLoginRepaint function| sliders function| expandLeftColNav function| styleTables function| primaryNavClasses function| speedBump function| initPlaceholder function| trackBanner boolean| s_trackDownloadLinks boolean| s_trackExternalLinks boolean| s_trackInlineStats string| s_linkDownloadFileTypes string| s_linkInternalFilters boolean| s_linkLeaveQueryString string| s_un number| s_ios number| s_csss string| s_q string| s_code string| code number| s_bcr string| s_lnk string| s_eo undefined| s_vb object| s_tfs number| s_etfs object| s_wd boolean| s_ssl object| s_d object| s_n string| s_u string| s_apn string| s_v number| s_apv undefined| s_i number| s_ie number| s_ns6 boolean| s_isie boolean| s_isns boolean| s_isopera boolean| s_ismac function| s_co function| s_num function| s_rep function| s_ape function| s_epa function| s_pt function| s_fl string| s_c_d function| s_c_gdf function| s_c_gd function| s_c_r function| s_c_w function| s_cet function| s_gtfset function| s_gtfsoe function| s_gtfsfb function| s_gtfsf function| s_gtfs function| s_ca function| s_it function| s_mr function| s_gg string| s_qav function| s_havf function| s_hav function| s_lnf function| s_ln function| s_ltdf function| s_ltef function| s_lt function| s_lc function| s_ls function| s_bc function| s_ot function| s_oid function| s_rqf function| s_rq object| s_sqq object| s_squ function| s_sqp function| s_sqs function| s_sq function| s_wdl function| s_wds function| s_vs function| s_gs function| s_dc object| s_tm number| s_wd_l object| s_unl object| s_oe string| s_charSet undefined| s_g_charSet number| s_vpm_charSet string| s_cookieDomainPeriods undefined| s_g_cookieDomainPeriods number| s_vpm_cookieDomainPeriods string| s_pageName undefined| s_g_pageName number| s_vpm_pageName string| s_channel undefined| s_g_channel number| s_vpm_channel string| s_server undefined| s_g_server number| s_vpm_server string| s_pageType undefined| s_g_pageType number| s_vpm_pageType string| s_campaign undefined| s_g_campaign number| s_vpm_campaign string| s_state undefined| s_g_state number| s_vpm_state string| s_zip undefined| s_g_zip number| s_vpm_zip string| s_events undefined| s_g_events number| s_vpm_events string| s_products undefined| s_g_products number| s_vpm_products string| s_purchaseID undefined| s_g_purchaseID number| s_vpm_purchaseID string| s_eVarCFG undefined| s_g_eVarCFG number| s_vpm_eVarCFG string| s_linkName undefined| s_g_linkName number| s_vpm_linkName string| s_linkType undefined| s_g_linkType number| s_vpm_linkType string| s_prop1 undefined| s_g_prop1 number| s_vpm_prop1 string| s_eVar1 undefined| s_g_eVar1 number| s_vpm_eVar1 string| s_prop2 undefined| s_g_prop2 number| s_vpm_prop2 string| s_eVar2 undefined| s_g_eVar2 number| s_vpm_eVar2 string| s_prop3 undefined| s_g_prop3 number| s_vpm_prop3 string| s_eVar3 undefined| s_g_eVar3 number| s_vpm_eVar3 string| s_prop4 undefined| s_g_prop4 number| s_vpm_prop4 string| s_eVar4 undefined| s_g_eVar4 number| s_vpm_eVar4 string| s_prop5 undefined| s_g_prop5 number| s_vpm_prop5 string| s_eVar5 undefined| s_g_eVar5 number| s_vpm_eVar5 string| s_prop6 undefined| s_g_prop6 number| s_vpm_prop6 string| s_eVar6 undefined| s_g_eVar6 number| s_vpm_eVar6 string| s_prop7 undefined| s_g_prop7 number| s_vpm_prop7 string| s_eVar7 undefined| s_g_eVar7 number| s_vpm_eVar7 string| s_prop8 undefined| s_g_prop8 number| s_vpm_prop8 string| s_eVar8 undefined| s_g_eVar8 number| s_vpm_eVar8 string| s_prop9 undefined| s_g_prop9 number| s_vpm_prop9 string| s_eVar9 undefined| s_g_eVar9 number| s_vpm_eVar9 string| s_prop10 undefined| s_g_prop10 number| s_vpm_prop10 string| s_eVar10 undefined| s_g_eVar10 number| s_vpm_eVar10 string| s_prop11 undefined| s_g_prop11 number| s_vpm_prop11 string| s_eVar11 undefined| s_g_eVar11 number| s_vpm_eVar11 string| s_prop12 undefined| s_g_prop12 number| s_vpm_prop12 string| s_eVar12 undefined| s_g_eVar12 number| s_vpm_eVar12 string| s_prop13 undefined| s_g_prop13 number| s_vpm_prop13 string| s_eVar13 undefined| s_g_eVar13 number| s_vpm_eVar13 string| s_prop14 undefined| s_g_prop14 number| s_vpm_prop14 string| s_eVar14 undefined| s_g_eVar14 number| s_vpm_eVar14 string| s_prop15 undefined| s_g_prop15 number| s_vpm_prop15 string| s_eVar15 undefined| s_g_eVar15 number| s_vpm_eVar15 string| s_prop16 undefined| s_g_prop16 number| s_vpm_prop16 string| s_eVar16 undefined| s_g_eVar16 number| s_vpm_eVar16 string| s_prop17 undefined| s_g_prop17 number| s_vpm_prop17 string| s_eVar17 undefined| s_g_eVar17 number| s_vpm_eVar17 string| s_prop18 undefined| s_g_prop18 number| s_vpm_prop18 string| s_eVar18 undefined| s_g_eVar18 number| s_vpm_eVar18 string| s_prop19 undefined| s_g_prop19 number| s_vpm_prop19 string| s_eVar19 undefined| s_g_eVar19 number| s_vpm_eVar19 string| s_prop20 undefined| s_g_prop20 number| s_vpm_prop20 string| s_eVar20 undefined| s_g_eVar20 number| s_vpm_eVar20 string| s_prop21 undefined| s_g_prop21 number| s_vpm_prop21 string| s_eVar21 undefined| s_g_eVar21 number| s_vpm_eVar21 string| s_prop22 undefined| s_g_prop22 number| s_vpm_prop22 string| s_eVar22 undefined| s_g_eVar22 number| s_vpm_eVar22 string| s_prop23 undefined| s_g_prop23 number| s_vpm_prop23 string| s_eVar23 undefined| s_g_eVar23 number| s_vpm_eVar23 string| s_prop24 undefined| s_g_prop24 number| s_vpm_prop24 string| s_eVar24 undefined| s_g_eVar24 number| s_vpm_eVar24 string| s_prop25 undefined| s_g_prop25 number| s_vpm_prop25 string| s_eVar25 undefined| s_g_eVar25 number| s_vpm_eVar25 object| _gaq string| adroll_adv_id string| adroll_pix_id number| __wtw_lucky_site_id object| _gat object| gaGlobal boolean| __lo_csr_added object| BootPrint number| __lo_site_id boolean| __adroll_loaded string| adroll_sid object| dataLayer object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| adroll_exp_list object| __adroll_consent_data boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country object| WTW_Watcher object| LO16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnGyPknngYJ98iHzhwPrbT6-xJnJB8ngEjsudyglMVyMHOJt6GQpgMI3m1wyAY |
|
| secure.califbankus.com/ | Name: s_cc Value: true |
|
| .califbankus.com/ | Name: s_sq Value: |
|
| .secure.califbankus.com/ | Name: __utma Value: 172295585.1742336128.1632165356.1632165356.1632165356.1 |
|
| .secure.califbankus.com/ | Name: __utmc Value: 172295585 |
|
| .secure.califbankus.com/ | Name: __utmz Value: 172295585.1632165356.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
| .secure.califbankus.com/ | Name: __utmt Value: 1 |
|
| .secure.califbankus.com/ | Name: __utmb Value: 172295585.1.10.1632165356 |
|
| .2o7.net/ | Name: s_vi_egdghm Value: [CS]v4|30A46EF6041D4768-4000156C8007E545|6148DDEC[CE] |
|
| .linkedin.com/ | Name: UserMatchHistory Value: AQILDkHyz7AaFwAAAXwEouL0gdO6pnC1ZTNESBlTMEF6wFo2NkCIHALQfS7oj4n12mW2vlhwH_uT4Q |
|
| .linkedin.com/ | Name: AnalyticsSyncHistory Value: AQJ8RA31HLGReAAAAXwEouL0BcTbfUl-irV4rH8pFKrcIJTrfEbckbwsumssuAvEp4b9Hf8nBiODEKrOcLtaZQ |
|
| .ads.linkedin.com/ | Name: lang Value: v=2&lang=en-us |
|
| .linkedin.com/ | Name: bcookie Value: "v=2&4410b9f5-65f3-4c6c-8186-2cc67f6f91a5" |
|
| .linkedin.com/ | Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2437:u=1:x=1:i=1632165356:t=1632251756:v=2:sig=AQGTZrH-Jr1xOzSV3yN_g2JyYClE8OGE" |
|
| .linkedin.com/ | Name: lang Value: v=2&lang=de-de |
|
| .www.linkedin.com/ | Name: bscookie Value: "v=1&20210920191556aeef5cf3-8faa-4696-8758-25912aba7e39AQGwT4JsXXxWmLztWnE4fbolwxpoxynA" |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
102.112.2o7.net
4808300.fls.doubleclick.net
adservice.google.com
d.adroll.com
d10lpsik1i8c69.cloudfront.net
px.ads.linkedin.com
rs.gwallet.com
s.adroll.com
secure.califbankus.com
settings.luckyorange.net
sjs.bizographics.com
ssl.google-analytics.com
ssl.luckyorange.com
stats.g.doubleclick.net
www.google.com
www.linkedin.com
www.mnixpixel.com
104.111.248.106
104.207.158.220
104.26.10.16
108.174.11.37
13.107.42.14
13.224.193.18
13.225.84.220
142.250.185.132
142.250.185.166
142.250.185.194
142.250.186.72
142.251.5.157
15.236.176.210
172.67.70.238
198.23.58.63
199.127.207.180
52.19.99.3
1102c95c4c29fec34cdbe0cd51d34cfb1418e3f87c8068b6189c6c067149089a
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
26d3d5679ce73924a7ff611cbc25c5b5f596b1f4e44bd31b9a2301dfdadf7814
29993df6834c93eb5c80898f77bec07ddb96d8c89fb641580af0b62054bda115
3a6fffb15dd514306cb9b8a130b00c7da3a9183432eb4b643c67301dbd62e01c
4c0f7f46df8bccac32a10d635669b0845d13cdb9d2db43dd66d33a8d9383c595
4c7954754ee5cde5d9c8ba7781b4a0f4427ca8fa7c1d54123c3a16320a653aa6
59c500b7ac38fea3139550da9845bbdbb12880af0ec04cba316406d9e002bad5
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
5df2111ac0a41d8434b1760fde97d1ce5cdd214c8b8e8c388e447957312e65eb
5dfdd878d2d6bdd50f37fde1800a044753dd00bac3c3a30a35f999b422a48ee1
6d2d30b531f5c66179e01bc0ed4c1e4fe227d25fecd286911cbeb01fa8d0bf11
6fdf2069b110690fea35799a4b735ef104150fe2baaa508041da148049df99af
7b885205be9bedd928193e1cb8ac866526d53e9c58baf9f18e7fc17af207bb20
7c69f4ca35f21ba422eeb40749359ad49f120c5196ac1abb972375edbef22132
87b3c53b427896e65ff7b85370e3e53226cbc5f77e05a8a94b091272b2ad3dae
8ed9c1758a236e742d01ea066f452d3f578d6be81551327a5b67ba8be722569d
946ffc1f1d0b38d35c618135e4522c1987f560676705dbb381aa38087b5cf31c
98ab3fed3b1d5c4cbe20a6b1c11b8870e98a8c8f4313560418b21b4f9c76a165
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a78097eca52a75e7fed8fe7b9cf78cd0933a3c33cfcdd932e4cdf3bcb23cf66d
aa23e02acfb1c3bc0855215daea526156f625555e042dca25672126935f2e331
ac3218a20034c707656b5cdb442fdffd0dec3cae8023f58cedad92b46ac2c403
af38cdc7ff84335445d163bf9f5089ff0d0c738b8e03fc55e468a08f48e13a59
b5da6f4ea2f2b1cd3defa56947f61343366a32074355d18e75c7a1a08c6477f1
b991c8f6facc94a36880f5039dedaeae0df81a535d0b095d7c1a9280c937c6ba
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c24b9bc21ff877e0d943e1900881b191406e4892656c46cdc1a095e600ee85aa
c659a0b9341b56bbd222b442b382f065ffbce6c51aac8a06bee19d73ed0a49d3
c729d20228a508f727c98e95532cc27628b1acde678264ae175a5d6f33739aed
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d08b30c65fd8936d5488e052f416afdc264f5374dcc7f3b883efcd85e7ec15c5
e3427513b07d2ff69dbd7766704e1f355f39746b70d56ebe8fa2b408c53f660a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e75d29bedda3ac9445f079d9d00153412e4afa5a83a24fbd7f8e05ea1b7df17e
e80e4925cd7103c5feae9b52821d511e47092c70a8e05aa34d2a8eb31e7a9ab3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fed785a6a8ca96fb67230fec5d85f9c508db49f4075aa0ef284af56cd89813e3
ffe17710c5d0a8fdc707fff57893a91f9c378569519959fe4105dced37104b74