www.savings.com
Open in
urlscan Pro
23.55.230.175
Public Scan
Effective URL: https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pe...
Submission: On October 27 via manual from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 26th 2023. Valid for: a year.
This is the only time www.savings.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-65-31.compute-1.amazonaws.com
links.savings.com |
ASN16625 (AKAMAI-AS, US)
PTR: a23-55-230-175.deploy.static.akamaitechnologies.com
www.savings.com | |
node2.sdccdn.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN13335 (CLOUDFLARENET, US)
static.getclicky.com | |
in.getclicky.com |
ASN32934 (FACEBOOK, US)
connect.facebook.net |
ASN16509 (AMAZON-02, US)
d2xu3jvg5io30s.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: server-3-162-38-31.cdg52.r.cloudfront.net
static.hotjar.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-164-52-121.cdg50.r.cloudfront.net
script.hotjar.com |
ASN16509 (AMAZON-02, US)
api.userway.org |
ASN32934 (FACEBOOK, US)
www.facebook.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-168-171.us-west-2.compute.amazonaws.com
zekelofnbk.execute-api.us-west-2.amazonaws.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
23 |
sdccdn.com
node2.sdccdn.com |
213 KB |
9 |
userway.org
cdn.userway.org — Cisco Umbrella Rank: 4291 api.userway.org — Cisco Umbrella Rank: 4209 |
58 KB |
8 |
lytics.io
c.lytics.io — Cisco Umbrella Rank: 9077 |
51 KB |
4 |
amazonaws.com
zekelofnbk.execute-api.us-west-2.amazonaws.com — Cisco Umbrella Rank: 269947 |
774 B |
4 |
savings.com
2 redirects
links.savings.com www.savings.com — Cisco Umbrella Rank: 506060 |
23 KB |
3 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 110 |
270 B |
3 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27 |
21 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 6862 |
515 B |
2 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 78 |
396 B |
2 |
google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040 www.google.com — Cisco Umbrella Rank: 2 |
662 B |
2 |
hotjar.com
static.hotjar.com — Cisco Umbrella Rank: 727 script.hotjar.com — Cisco Umbrella Rank: 901 |
60 KB |
2 |
facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174 |
89 KB |
2 |
getclicky.com
static.getclicky.com — Cisco Umbrella Rank: 11582 in.getclicky.com — Cisco Umbrella Rank: 9854 |
6 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35 |
183 KB |
1 |
cloudfront.net
d2xu3jvg5io30s.cloudfront.net |
13 KB |
67 | 15 |
Domain | Requested by | |
---|---|---|
23 | node2.sdccdn.com |
www.savings.com
node2.sdccdn.com |
8 | cdn.userway.org |
www.savings.com
cdn.userway.org |
8 | c.lytics.io |
www.savings.com
c.lytics.io |
4 | zekelofnbk.execute-api.us-west-2.amazonaws.com |
d2xu3jvg5io30s.cloudfront.net
|
3 | www.facebook.com |
www.savings.com
|
3 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
3 | www.savings.com |
1 redirects
node2.sdccdn.com
|
2 | www.google.de |
www.savings.com
|
2 | stats.g.doubleclick.net |
www.googletagmanager.com
www.google-analytics.com |
2 | connect.facebook.net |
www.savings.com
connect.facebook.net |
2 | www.googletagmanager.com |
www.savings.com
www.googletagmanager.com |
1 | in.getclicky.com |
static.getclicky.com
|
1 | api.userway.org |
cdn.userway.org
|
1 | www.google.com |
www.savings.com
|
1 | script.hotjar.com |
static.hotjar.com
|
1 | region1.analytics.google.com |
www.googletagmanager.com
|
1 | static.hotjar.com |
www.googletagmanager.com
|
1 | d2xu3jvg5io30s.cloudfront.net |
www.googletagmanager.com
|
1 | static.getclicky.com |
www.googletagmanager.com
|
1 | links.savings.com | 1 redirects |
67 | 20 |
This site contains links to these domains. Also see Links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.savings.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-04-26 - 2024-04-25 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
*.getclicky.com E1 |
2023-10-05 - 2024-01-03 |
3 months | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2023-08-06 - 2023-11-04 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-16 - 2024-04-15 |
a year | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
1667503734.rsc.cdn77.org R3 |
2023-10-10 - 2024-01-08 |
3 months | crt.sh |
*.hotjar.com Amazon ECDSA 256 M01 |
2023-03-09 - 2024-04-06 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2023-10-09 - 2024-01-01 |
3 months | crt.sh |
api.userway.org Amazon RSA 2048 M03 |
2023-09-02 - 2024-09-30 |
a year | crt.sh |
*.execute-api.us-west-2.amazonaws.com Amazon RSA 2048 M01 |
2023-06-02 - 2024-06-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated
Frame ID: 2113AFC9A4FCD269A0B37A44456AD621
Requests: 66 HTTP requests in this frame
Screenshot
Page Title
40% Off Tempur-Pedic Coupons, Promo Codes & Deals - October 2023Page URL History Show full URLs
-
http://links.savings.com/u/click?_t=284b0eb146f147ceb44d29aedfbdbbc4&_m=c01e986779ca4ed4841b59eb722cc...
HTTP 303
https://www.savings.com/m/email/tempurpedic.com/d?did=9226564&pid=13005710&utm_source=dedicated&utm_... HTTP 302
https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&ut... Page URL
Detected technologies
Clicky (Analytics) ExpandDetected patterns
- static\.getclicky\.com
Facebook (Widgets) Expand
Detected patterns
- //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- <!-- (?:End )?Google Tag Manager -->
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Hotjar (Analytics) Expand
Detected patterns
- //static\.hotjar\.com/
UserWay (Accessibility) Expand
Detected patterns
- cdn\.userway\.org/widget.*\.js
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Title: Help Desk
Search URL Search Domain Scan URL
Title: Do Not Sell/Share My Personal Information
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://links.savings.com/u/click?_t=284b0eb146f147ceb44d29aedfbdbbc4&_m=c01e986779ca4ed4841b59eb722cc5c7&_e=vEr-6MR9R-leRprJF8E2lf1CqKeKlUa51Lh3qJmafRlNkDURglNdI6vD9A-cQIv4-24PWJFETQnoD9FmBzrecrDt0NPdRq5zV-JERv_v-7dQ2O7xRqIZLXzu4zqSS6DEcRbnjBDZOGHHJ2Yw790m2Po2ShjO23kNkkJ9TSdTP40KCh8QtiPX6QyJ0BLPIkW-oC7oZcq5JEF1NfIU9PpcEkpPtOlUXX8DKxT34k4_fzglcKrxNtU4gNhaDUp5RXF9FTyMHdcVQazCBnCALglNIvHerjMXdviatwSmkip9mTX3Gx5yZMaYzDAUhxMzOxK_D32fOa-jlxm-aPj8PF7aPXhPT65Nd11OXe2hBl1d6Iuv0C22dsSVUIYEj6hD8uuZYcD-OZZiQF4k7KcDJ10Zd9TOf4S7wss4k-KJ60BtAcXD2tAKskScbW6cl1g9dAQwdTXPDYsj5lwsD0nsR0lNgYUwXc9Lnf7NeNpswCJIV8QCH4BnGcohB8KD_FeGlT9WeE1MNU46-XQYo31Fa6xZhWzk2vfZMyYn6_KxGo2Thco%3D
HTTP 303
https://www.savings.com/m/email/tempurpedic.com/d?did=9226564&pid=13005710&utm_source=dedicated&utm_medium=email&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&x=nnY82m7mLbzMbib7lJGrvcHASpZGpMiv66m0TDmqRwlGVoa8%252FiPbEQ%253D%253D&p2=Tempur-Pedic HTTP 302
https://www.savings.com/coupons/tempurpedic.com?clickid=175440365-1698428858730-70377702988990849&utm_campaign=Tempur-Pedic-Dedicated_SMS_10262023&p1=Tempur-Pedic-Dedicated_SMS_10262023&p2=Tempur-Pedic&utm_medium=email&utm_source=dedicated Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
67 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
tempurpedic.com
www.savings.com/coupons/ Redirect Chain
|
114 KB 18 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
276 KB 93 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tk-poppins-400.woff2
node2.sdccdn.com/fonts/poppins/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tk-poppins-600.woff2
node2.sdccdn.com/fonts/poppins/ |
11 KB 11 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-solid-900.woff2
node2.sdccdn.com/fonts/webfonts-subset/ |
17 KB 17 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-regular-400.woff2
node2.sdccdn.com/fonts/webfonts-subset/ |
2 KB 2 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-light-300.woff2
node2.sdccdn.com/fonts/webfonts-subset/ |
1 KB 1 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa-brands-400.woff2
node2.sdccdn.com/fonts/webfonts-subset/ |
3 KB 3 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.bundle.min.css
node2.sdccdn.com/dist/sdc2/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.bundle.min.css
node2.sdccdn.com/dist/sdc2/ |
108 KB 21 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merchant.bundle.min.css
node2.sdccdn.com/dist/sdc2/ |
16 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
savings.svg
node2.sdccdn.com/images/theme/sdc2/logos/ |
3 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5127524.svg
node2.sdccdn.com/images/savings/logo/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
charity-savings-cares-bg-tag.png
node2.sdccdn.com/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bcrf-logo-rectangle.png
node2.sdccdn.com/img/ |
35 KB 35 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
charity-savings-cares-logo.svg
node2.sdccdn.com/img/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
1x1.gif
node2.sdccdn.com/images/savings/ |
43 B 193 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
shared.bundle.min.js
node2.sdccdn.com/dist/sdc2/ |
176 KB 57 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.bundle.min.js
node2.sdccdn.com/dist/sdc2/ |
53 KB 17 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
merchant.bundle.min.js
node2.sdccdn.com/dist/sdc2/ |
14 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
68 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
66 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
268 KB 89 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
static.getclicky.com/ |
15 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
202 KB 54 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
latest.min.js
c.lytics.io/api/tag/454e770b85fe774de7e6d1e3b80fef4a/ |
66 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cfLytics.js
d2xu3jvg5io30s.cloudfront.net/v1/js/ |
37 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget.js
cdn.userway.org/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hotjar-2518157.js
static.hotjar.com/c/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
region1.analytics.google.com/g/ |
0 254 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 245 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
widget_app_base_1698417958350.js
cdn.userway.org/widgetapp/2023-10-27-14-45-58/ |
135 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
www.google-analytics.com/j/ |
4 B 209 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
454e770b85fe774de7e6d1e3b80fef4a
c.lytics.io/cid/ |
24 B 455 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
modules.132f983e088e46bc619e.js
script.hotjar.com/ |
226 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
830316797830859
connect.facebook.net/signals/config/ |
133 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 151 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
AaEvLYxBlM
api.userway.org/api/tunings/ |
1 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
in.php
in.getclicky.com/ |
131 B 256 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
2a14607c-c5bd-4549-ad79-48b9091733a6
c.lytics.io/api/personalize/454e770b85fe774de7e6d1e3b80fef4a/user/_uid/ |
378 B 600 B |
Script
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
454e770b85fe774de7e6d1e3b80fef4a
c.lytics.io/c/ |
35 B 314 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
454e770b85fe774de7e6d1e3b80fef4a
c.lytics.io/c/ |
35 B 403 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 185 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
v1
zekelofnbk.execute-api.us-west-2.amazonaws.com/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
deal-detail.chunk.min.css
node2.sdccdn.com/dist/sdc2/ |
2 KB 785 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
deal-detail.chunk.min.js
node2.sdccdn.com/dist/sdc2/ |
22 KB 8 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v1
zekelofnbk.execute-api.us-west-2.amazonaws.com/ |
184 B 388 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
v1
zekelofnbk.execute-api.us-west-2.amazonaws.com/ |
184 B 386 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
v1
zekelofnbk.execute-api.us-west-2.amazonaws.com/ |
0 0 |
Preflight
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 54 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.facebook.com/tr/ |
0 31 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4955731.png
node2.sdccdn.com/images/savings/logo/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4958916.jpeg
node2.sdccdn.com/images/savings/logo/ |
4 KB 4 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en-US.json
cdn.userway.org/widgetapp/2023-10-27-14-45-58/locales/ |
500 B 960 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dealDetail.ajax
www.savings.com/ |
2 KB 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.js
c.lytics.io/static/ |
102 KB 22 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pathfora.min.css
c.lytics.io/static/ |
20 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config.js
c.lytics.io/api/program/campaign/config/454e770b85fe774de7e6d1e3b80fef4a/ |
327 B 630 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
5127524.svg
node2.sdccdn.com/images/savings/logo/ |
4 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
remediation-tool-free.js
cdn.userway.org/remediation/free/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
body_wh.svg
cdn.userway.org/widgetapp/images/ |
931 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spin_wh.svg
cdn.userway.org/widgetapp/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
alts.json
cdn.userway.org/api/img-dscr/v2/AaEvLYxBlM/2928732/RCbKZgsmHRxvRny0/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
alts.json
cdn.userway.org/api/img-dscr/v2/AaEvLYxBlM/2928732/RCbKZgsmHRxvRny0/ |
1 KB 950 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
78 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| documentPictureInPicture object| dataLayer function| onUserInteraction function| loadCSS object| _PageInfo object| google_tag_manager object| google_tag_data object| webpackChunksavings_app string| GoogleAnalyticsObject function| ga object| clicky_site_ids function| fbq function| _fbq object| jstag function| hj object| _hjSettings object| enquire function| onYouTubeIframeAPIReady object| gaGlobal object| UserWayWidgetApp object| __core-js_shared__ object| core function| cfLytics function| cfLoadLytics function| cfClickLytics object| clicky_obj object| clicky object| clicky_custom undefined| test object| cs object| _cgen object| _cgen_custom object| gaplugins object| gaData object| __lytics__jstag__ undefined| u_268963402076407780 object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| __read function| __spreadArray function| __values string| LS_KEY string| CDN_BASE string| LOCALES string| VERSION object| FuncKeys object| DEFAULT_OPEN_HOTKEY object| userwaySupportedLanguages object| userwayMapToSupportedLanguages object| userwaySupportedLocales string| USERWAY_DEFAULT_FALLBACK_LANGUAGE function| userwaySupports function| formatLangCode function| __assign function| __rest object| messageStream object| _userway_config boolean| _userway undefined| u_746094100897246600 object| jQuery111206505095794050388 object| jQuery1112034135703681925245 object| pathfora object| UserWay function| __defProp function| __defProps function| __getOwnPropDescs function| __getOwnPropSymbols function| __hasOwnProp function| __propIsEnum function| __defNormalProp function| __spreadValues function| __spreadProps function| __objRest function| __async31 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.savings.com/ | Name: iterableEmailCampaignId Value: 8118655 |
|
.savings.com/ | Name: iterableTemplateId Value: 10789615 |
|
.savings.com/ | Name: iterableMessageId Value: c01e986779ca4ed4841b59eb722cc5c7 |
|
.savings.com/ | Name: iterableEndUserId Value: yix4058%40utulsa.edu |
|
links.savings.com/ | Name: XSRF-TOKEN Value: 275e6dc7f762caa26a08c17a584be5c3b2791048-1698428858397-20040dddd3ffa070577130ad |
|
.savings.com/ | Name: ESTN Value: 1 |
|
.savings.com/ | Name: CCS Value: 31 |
|
.savings.com/ | Name: EPRAT Value: 993124783-1698428858723 |
|
.savings.com/ | Name: MPUSC Value: 993124783-1698428858723-CH |
|
.savings.com/ | Name: MPEVTC Value: 1698428858723 |
|
.savings.com/ | Name: MPREFSRC Value: mppid%3D13005710%2Cmpsid%3Dna%2Cmptid%3Dna%2Cmpclickid%3D175440365-1698428858730-70377702988990849%2Cutm_campaign%3DTempur-Pedic-Dedicated_SMS_10262023%2Cp1%3DTempur-Pedic-Dedicated_SMS_10262023%2Cp2%3DTempur-Pedic%2Cutm_medium%3Demail%2Cpid%3D13005710%2Cutm_source%3Ddedicated%2Cx%3DnnY82m7mLbzMbib7lJGrvcHASpZGpMiv66m0TDmqRwlGVoa8%252FiPbEQ%253D%253D%2Cdid%3D9226564 |
|
.savings.com/ | Name: MPPLACEMENTCK Value: bXBjPTE3NTQ0MDM2NS0xNjk4NDI4ODU4NzMwLTcwMzc3NzAyOTg4OTkwODQ5LHAxPVRlbXB1ci1QZWRpYy1EZWRpY2F0ZWRfU01TXzEwMjYyMDIzLHAyPVRlbXB1ci1QZWRpYyx1dG1fY2FtcGFpZ249VGVtcHVyLVBlZGljLURlZGljYXRlZF9TTVNfMTAyNjIwMjMsdXRtX21lZGl1bT1lbWFpbCxwaWQ9MTMwMDU3MTAsbXBwPTEzMDA1NzEwLG1wcHViPTI0MjE0OCx4PW5uWTgybTdtTGJ6TWJpYjdsSkdydmNIQVNwWkdwTWl2NjZtMFREbXFSd2xHVm9hOCUyRmlQYkVRJTNEJTNELGZwZz1mYWxzZSxkaWQ9OTIyNjU2NCx1dG1fc291cmNlPWRlZGljYXRlZCw%3D |
|
.savings.com/ | Name: MPIBRCC Value: 175440365-1698428858730-70377702988990849 |
|
www.savings.com/ | Name: JSESSIONID Value: abcR_K4frLaUfhA-6pYTy |
|
.savings.com/ | Name: MPPAGEEVENTCK Value: 175440365-1698428858877-5204440665847326590 |
|
.savings.com/ | Name: _ga_CS0K8ZDTEZ Value: GS1.1.1698428859.1.0.1698428859.60.0.0 |
|
.savings.com/ | Name: _ga Value: GA1.2.975462380.1698428859 |
|
.savings.com/ | Name: _gid Value: GA1.2.848644991.1698428860 |
|
.savings.com/ | Name: _gat_UA-99557-2 Value: 1 |
|
.www.savings.com/ | Name: seerses Value: e |
|
.www.savings.com/ | Name: seerid Value: 2a14607c-c5bd-4549-ad79-48b9091733a6 |
|
.savings.com/ | Name: _fbp Value: fb.1.1698428859785.692892768 |
|
.savings.com/ | Name: _hjSessionUser_2518157 Value: eyJpZCI6IjE5YWZhN2NlLTBiNTktNTI2MS1hZDlkLTRiOWE4NDU5N2ZkYyIsImNyZWF0ZWQiOjE2OTg0Mjg4NTk4MzEsImV4aXN0aW5nIjpmYWxzZX0= |
|
.savings.com/ | Name: _hjFirstSeen Value: 1 |
|
.savings.com/ | Name: _hjIncludedInSessionSample_2518157 Value: 0 |
|
.savings.com/ | Name: _hjSession_2518157 Value: eyJpZCI6IjBmYTcwZGFjLWI5ODEtNDIxYy04OWIxLTA4N2M0ZmFhYzNlMCIsImNyZWF0ZWQiOjE2OTg0Mjg4NTk4MzIsImluU2FtcGxlIjpmYWxzZSwic2Vzc2lvbml6ZXJCZXRhRW5hYmxlZCI6dHJ1ZX0= |
|
.savings.com/ | Name: _hjAbsoluteSessionInProgress Value: 0 |
|
.lytics.io/ | Name: seerid Value: 2a14607c-c5bd-4549-ad79-48b9091733a6 |
|
node2.sdccdn.com/ | Name: AWSALBCORS Value: 7DaCOQ6i4d4iuzOcxvZMFKPWq5bk50L8ctqd2tqZcSwAGrw7TMtpwREMpgMTphWJFCMrJAIwo64nqVuLbX0XClyNQOVOsN7rpGB2qKsQbskMl5SPKN0ldsf/hTKM |
|
www.savings.com/ | Name: AWSALB Value: NympHCScd8cN5EGpgxVHmj5UYPZpSWRdfgf6TE+W+PWCNJyH98InMy9nU7aw7dvhTAksvxic63+Nn4dohKDQnMge92KQYpvdv1OU0wcfWroJLQqkfb7Gc66/9m4y |
|
www.savings.com/ | Name: AWSALBCORS Value: NympHCScd8cN5EGpgxVHmj5UYPZpSWRdfgf6TE+W+PWCNJyH98InMy9nU7aw7dvhTAksvxic63+Nn4dohKDQnMge92KQYpvdv1OU0wcfWroJLQqkfb7Gc66/9m4y |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
api.userway.org
c.lytics.io
cdn.userway.org
connect.facebook.net
d2xu3jvg5io30s.cloudfront.net
in.getclicky.com
links.savings.com
node2.sdccdn.com
region1.analytics.google.com
script.hotjar.com
static.getclicky.com
static.hotjar.com
stats.g.doubleclick.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.savings.com
zekelofnbk.execute-api.us-west-2.amazonaws.com
18.164.52.121
2001:4860:4802:34::36
23.55.230.175
2600:1f14:5db:eb11:9a56:ad25:21d5:260a
2600:9000:2251:d800:15:875a:d300:21
2606:4700:20::ac43:49ec
2606:4700::6811:616c
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2004
2a00:1450:4001:81c::200e
2a00:1450:400c:c0b::9a
2a02:6ea0:c700::19
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
3.162.38.31
44.207.65.31
52.36.168.171
0d6c2aa0a446364169fba9251e31da41e2f618a09e3cceae2fccd617508e372f
0f658009e628815b34872408bba0aab03d0286073eca736959bfa13876195ebe
101358addf7c25ac871790d4a4fccc8665ddb56073d73247c0a5d12215e830c9
111b4158cc571c52b653321759758e7c540a6fa6b8ebd94142a3399c236d9865
11fcbd228e7d2b1ba69bf1863b629404fc8fc3ca082e24ac9995b7ba5c7bf1cd
1be555ca5e351453170a3cfcf81bf803e93d16995bdf968fa527000f3d093850
1df2482ae8524ca1a77275b4019e1a17c556f6ddbf71452200fef1d0c53c3491
1e2e5c32b1e1de0fb17834f86fb384a14e2dd0d4acd1a70221c1d27dbe0020ab
21899b7e56ddedfb9912a82c4c90777c26b0d317c376906c83ed4587b79a75b7
22b0a66bd9f327e03c3631ac8b4b3dc45177877db9689748d5b2f44c614d623a
33156f803b055bd4f3ba5ae87db987e2e3afe2d9e7b3bdec54e22cb939ed8f4c
3f82f86e13d01b3f7cd022233b0d2446e74ca0aefae74ab8c061995f7247235e
47ebcacff50af45640662ddbe1efd7164c11278a815d04cf98a7132705cd4352
48d272d6da4beab70a46a8d0bf34d279bb0cb561a4e07c87f52b03e9b59bc21e
4a1c9fcd6a1fa1162320f76f8b6a5136e6dc50365dea4aa86dbae86c997989bb
4bde35d3d07e7253e0b26e38ef56d755c8e0de7fa4db34cf64b07bfacf81b30d
4c1514113ba5e9630c5aea98aa1c05b35cbc7150402a1f91b928c8d8e29e31e3
4db45b4517a739f9cecf24a598c175fb3399c9d594f88229bb4bc3cdf410da81
5153f6d80259afb0e82b849184dfb59deafbea90a6909deb916407e2dc05a523
588e561c1b630cc0c94b479e3a0479c7557e4d6991a1bacb5b2acd7f32906f56
60069686a475f49fb896a179b9c08da46081803b26ed3676bf0b9e5daf80a3c9
632ac2f1d7a3ffbfcfd297f17c8dfc6b0032ca8b1c13bc3c96fb05e0b39d7ac7
65475ce49a4da735ed9defc8b1faae5290810dc23aa08c7438427d435c027dc5
6ab741e4e8d13db1d5023e0be926b65da8f97ba825337ebcbe9356675a0526f4
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6bc4c78e362027a1ded1abeece765c14f45f7e9dd7d9f2fb59a27eac6722a4f9
7a6758e4e57c42cf78ef07d924105cb89a426c28e2ad9a9df7d8fe5fb8b1b795
7eaa03779e9d21f8c82f72e28638a6536f304ac30f30bd6124667a10ee87baa5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
873afacc8dc267f9eb22eb95d50e61d041d9cc376e2a7395528e65a6894511a8
8a9218fdba4cb01d5e566e7a6e206606defa76589ec767006769736300095f6b
986a5e9be63017ce84536f6792ea984e6251a15af61d5cc20ff4f8b1737c80ad
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a169815b3efeb3bfa8023b85db98db5e3454ea927d802f6aece1b07f64b63467
a83611140e17f4aca722596d310c613dd83e4636f85e1d1269d88f55447b2ff7
a99fc0221466f5998174aa35f3dcf93ed288b94aa7b526cc0e1af975b4b9df02
aec03ea4df2b2876adf0087d5485bd6cb6154943659ff68320c574012ef2d1f0
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b452b6054c204404bb37c1eefeadca3491747bb8691e7aff05683ce5bdffaa5e
b6f5d61563c157daf91c76c9909e5d6410928fa9583ce04f362c3359a222af22
bae9e23f7715c2ea1bf8bd215a58dd1253a6e1084aaacb97aded436a23c4097f
bbeb842bd87163ca006c8603eac9bb9458ea3f05238c9fac398ae75b8c96eea3
c45f637f905e1ea01ba81aa39e8da62ee7e7f8703c3da4c3bba55f6192e5834c
c86301ad008c5dcdd87fb16282eb38b42ec2ffd700f0af21d74ec70715d8a4eb
ce666b62ff89a7f4fbcd83e0b281b8faf1d856aaf21cdcf918496ef6bdd6675e
d2c65c5b897214b400c5b210cc21ef8551a3903175353a4380cc6951aa6fc597
d9da2269738f8fca8a4526e5cec6f4e1cb57c26d62cc6639de1d0656608065e9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e0968362c3ffbcdc5fc42bb982e6fd4912aff500d6892e1c2aca3f81f749a645
e18fd8fb48e405a105f33fd6030a25475f4c0296cc5bea790e01b3116d18cc1a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71d5336142a64b264a204e2715dc34c5e5e2219dc7931c1e0fddef31b9c6229
ea99bd3fb4ae5d61320b918295829a784d4cef63b321451db06a6bbe4314f0d4
ee892f4438a985948e729d440931f0437736840888a636bdfd054244886823a9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef880693571db60a665cceffeea7d30335d5727dda98f8a9c1429352fdff8be1
fe75a06eb176f5530fefb741c0b292a722b63cb6ef8d68e8c7991c29dbcf151a