login.benefit.edenred.ro
Open in
urlscan Pro
107.162.162.24
Public Scan
Effective URL: https://login.benefit.edenred.ro/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%...
Submission: On October 02 via manual from CA — Scanned from CA
Summary
TLS certificate: Issued by GlobalSign RSA OV SSL CA 2018 on February 13th 2024. Valid for: a year.
This is the only time login.benefit.edenred.ro was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 18.198.218.66 18.198.218.66 | 16509 (AMAZON-02) (AMAZON-02) | |
4 19 | 107.162.162.24 107.162.162.24 | 55002 (DEFENSE-NET) (DEFENSE-NET) | |
1 | 142.251.111.95 142.251.111.95 | 15169 (GOOGLE) (GOOGLE) | |
2 | 13.107.246.38 13.107.246.38 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
4 | 20.82.36.44 20.82.36.44 | 8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK) | |
1 | 159.60.128.252 159.60.128.252 | 35280 (F5) (F5) | |
23 | 6 |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-218-66.eu-central-1.compute.amazonaws.com
tracking.benefitsystems.ro |
ASN55002 (DEFENSE-NET, US)
app.benefitsystems.ro | |
login.benefit.edenred.ro |
ASN15169 (GOOGLE, US)
PTR: bk-in-f95.1e100.net
fonts.googleapis.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-druid-apc.azureedge.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
druidapi.druidplatform.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
17 |
edenred.ro
1 redirects
login.benefit.edenred.ro www.edenred.ro |
930 KB |
4 |
druidplatform.com
druidapi.druidplatform.com — Cisco Umbrella Rank: 488491 |
7 KB |
4 |
benefitsystems.ro
4 redirects
tracking.benefitsystems.ro app.benefitsystems.ro — Cisco Umbrella Rank: 942785 |
4 KB |
2 |
azureedge.net
prod-druid-apc.azureedge.net — Cisco Umbrella Rank: 523750 |
683 KB |
1 |
googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46 |
1 KB |
23 | 5 |
Domain | Requested by | |
---|---|---|
16 | login.benefit.edenred.ro |
1 redirects
login.benefit.edenred.ro
|
4 | druidapi.druidplatform.com |
prod-druid-apc.azureedge.net
|
3 | app.benefitsystems.ro | 3 redirects |
2 | prod-druid-apc.azureedge.net |
login.benefit.edenred.ro
|
1 | www.edenred.ro | |
1 | fonts.googleapis.com |
login.benefit.edenred.ro
|
1 | tracking.benefitsystems.ro | 1 redirects |
23 | 7 |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.benefit.edenred.ro GlobalSign RSA OV SSL CA 2018 |
2024-02-13 - 2025-03-16 |
a year | crt.sh |
upload.video.google.com WR2 |
2024-08-26 - 2024-11-18 |
3 months | crt.sh |
*.azureedge.net Microsoft Azure RSA TLS Issuing CA 04 |
2024-09-19 - 2025-09-14 |
a year | crt.sh |
*.druidplatform.com R11 |
2024-08-21 - 2024-11-19 |
3 months | crt.sh |
*.edenred.ro GlobalSign RSA OV SSL CA 2018 |
2024-06-28 - 2025-07-30 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://login.benefit.edenred.ro/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapp.benefitsystems.ro%252Findex.php%253Froute%253Daccount%252Flogin%26client_id%3D3B25C40A-EF65-4DFE-923F-9A3502762884%26nonce%3D2c36941ee12305e2a4aeacaf89be40cb%26state%3Defdc336e776f0366293f901b30ef2fd3%26scope%3Dopenid%2520profile%2520offline_access%2520application_version%2520open_cart%253Aall%2520openid
Frame ID: A0FBE0BD4A7AF3BDF22594B522B13FF0
Requests: 23 HTTP requests in this frame
Screenshot
Page Title
Intra in contul tau Edenred BenefitPage URL History Show full URLs
-
https://tracking.benefitsystems.ro/tracking/1/click/W-2DZXPxuxjD_MQwEsULWj7yoVhaVDccYuZ0F_9kNkyKn4Wtvpk4c9c3mty...
HTTP 302
https://app.benefitsystems.ro/ HTTP 302
https://app.benefitsystems.ro/index.php?route=account/account HTTP 302
https://app.benefitsystems.ro/index.php?route=account/login HTTP 302
https://login.benefit.edenred.ro/connect/authorize?response_type=code&redirect_uri=https%3A%2F%2Fapp.benefits... HTTP 302
https://login.benefit.edenred.ro/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3D... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Google Font API (Font Scripts) Expand
Detected patterns
- <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Lodash (JavaScript Libraries) Expand
Detected patterns
- lodash.*\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: ANPC
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://tracking.benefitsystems.ro/tracking/1/click/W-2DZXPxuxjD_MQwEsULWj7yoVhaVDccYuZ0F_9kNkyKn4Wtvpk4c9c3mty371gJ3t9zZhrKQn5ez-BL3_5Jq7eIWcdC2Zvy6AIu5Syb4TN1_EDRY-HbwNPkpT6JCWHKLh8LPsUGB8gcRGYWFB5zkICL3WZYb6cYUfeL0Dm36RDecnwm6NV2OqZzBFZhHGeJ0nQ1azLlFIlfTXMBoHcawx3ijaaB3k6mPQrEbzuN0mB6JwmQuSBwif--kz9scI5dAF6n1ZNmuhETxDfZR9E6ZjJ8nhZIUriGfu5c1k1HKRPKdT1AXc3QrYnNjCQUDgVucXLuU95s6Nu-An_9YjAIzokYWYcubyBW5tmRG9Q9_DgwMgy66k--ZKL04XtWiA7I_DE5VJfajqGifJ1flHwFPjvozJkPYLIcJBvIPoO_xoSyJjb3MrzQ_xgze4hWr6w-v9sHf21JHeyHlbqgo_8ynYGHZ53QTACJKS9PeQ0JXY8Qpr3d_573J0V-5C1HmUNMqmZhc2AT7eyflevqXEDjobKdjFIEm_Mchwk0EsFes7XlYC0eRIv8YpU5Lh6Vi0n_IwkiZjH9DfHK1oJ-1TADK8pO5_K4wqBc7MmALXshnPdHdtQiKHm1cHDSlX5NI8mW-06SnfyQ9jAqK7h_yql67Chtv8B-BgP9WCakZK04dJ2_m8x5Ls3wG_eqTuZiyqZLGB7yyKkcBYisPc0Pykzj0dz17OsZ-GKwQUAPqIZg4ZfGtgQRYYwHoWPh6KDTJ6aEpyjOsSus8Xaa24OhrBULmSzl-zP3QF3vPviM3rMLz-l_VirY41lcKgF3TmXs53TuoKLQojFaOBLPb3HqrcwGqQ==
HTTP 302
https://app.benefitsystems.ro/ HTTP 302
https://app.benefitsystems.ro/index.php?route=account/account HTTP 302
https://app.benefitsystems.ro/index.php?route=account/login HTTP 302
https://login.benefit.edenred.ro/connect/authorize?response_type=code&redirect_uri=https%3A%2F%2Fapp.benefitsystems.ro%2Findex.php%3Froute%3Daccount%2Flogin&client_id=3B25C40A-EF65-4DFE-923F-9A3502762884&nonce=2c36941ee12305e2a4aeacaf89be40cb&state=efdc336e776f0366293f901b30ef2fd3&scope=openid+profile+offline_access+application_version+open_cart%3Aall+openid HTTP 302
https://login.benefit.edenred.ro/Account/Login?ReturnUrl=%2Fconnect%2Fauthorize%2Fcallback%3Fresponse_type%3Dcode%26redirect_uri%3Dhttps%253A%252F%252Fapp.benefitsystems.ro%252Findex.php%253Froute%253Daccount%252Flogin%26client_id%3D3B25C40A-EF65-4DFE-923F-9A3502762884%26nonce%3D2c36941ee12305e2a4aeacaf89be40cb%26state%3Defdc336e776f0366293f901b30ef2fd3%26scope%3Dopenid%2520profile%2520offline_access%2520application_version%2520open_cart%253Aall%2520openid Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Login
login.benefit.edenred.ro/Account/ Redirect Chain
|
8 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css2
fonts.googleapis.com/ |
18 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tippy.css
login.benefit.edenred.ro/lib/tippy.js/dist/ |
1 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.css
login.benefit.edenred.ro/css/ |
42 KB 43 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
druid_webchat.css
prod-druid-apc.azureedge.net/ |
1 MB 375 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
druid_webchat.js
prod-druid-apc.azureedge.net/ |
980 KB 308 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
benefit-logo.svg
login.benefit.edenred.ro/img/ |
11 KB 12 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
form-execution.js
login.benefit.edenred.ro/js/ |
257 B 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
login.benefit.edenred.ro/lib/jquery/dist/ |
85 KB 87 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.bundle.min.js
login.benefit.edenred.ro/lib/bootstrap/dist/js/ |
81 KB 83 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
language-selector.js
login.benefit.edenred.ro/js/ |
1 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
druid-ai.js
login.benefit.edenred.ro/js/ |
373 B 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
popper.js
login.benefit.edenred.ro/lib/popperjs/core/dist/umd/ |
62 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tippy-bundle.umd.js
login.benefit.edenred.ro/lib/tippy.js/dist/ |
78 KB 79 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lodash.min.js
login.benefit.edenred.ro/lib/lodash/ |
71 KB 73 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
1 KB 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
585 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-big.png
login.benefit.edenred.ro/img/ |
283 KB 284 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
edenred-3das-bold.woff2
login.benefit.edenred.ro/fonts/ |
25 KB 26 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
LoadConfiguration
druidapi.druidplatform.com/api/services/app/Bot/ |
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
LoadConfiguration
druidapi.druidplatform.com/api/services/app/Bot/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
login.benefit.edenred.ro/ |
15 KB 16 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GetBotCustomCssContents
druidapi.druidplatform.com/api/services/app/Bot/ |
16 KB 6 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
GetBotCustomCssContents
druidapi.druidplatform.com/api/services/app/Bot/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
felicia3f_2.png
www.edenred.ro/themes/custom/edenred/images/chatbot/ |
144 KB 145 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| webchatJsonpFunction object| DruidDummyLibraries object| platform function| DruidWebchat function| onSubmitDisable function| $ function| jQuery object| bootstrap object| Popper function| tippy function| _ function| DruidEvent string| DRUID_WEBCHAT_INSTANCE_ID9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
app.benefitsystems.ro/ | Name: PHPSESSID Value: u9c702thhg0jonmp07j8btu6pf |
|
.app.benefitsystems.ro/ | Name: language Value: ro |
|
.app.benefitsystems.ro/ | Name: currency Value: RON |
|
app.benefitsystems.ro/ | Name: TS0138889a Value: 011176c2bcc6e7898ba94821366afad0b2d4ade045a279c8cc97000b7c5a9ae40cf9eb6d4fb3efc603326fb9ae082ea5d83b6d3766 |
|
.app.benefitsystems.ro/ | Name: TS01679bde Value: 011176c2bcc6e7898ba94821366afad0b2d4ade045a279c8cc97000b7c5a9ae40cf9eb6d4fb3efc603326fb9ae082ea5d83b6d3766 |
|
app.benefitsystems.ro/ | Name: TSbb8a9dd4027 Value: 086ce66ec3ab2000a1798cd43f13fa991d7bf190a7bc631733ede46c52d7dd5010215402ce18bee208373f981d1130002a70b8285b5d1dc037e4f55dfe3785815f89ff59a93f2b0620ca098ba5b81f864ca1c39bd05d596f6cab1374d8438d80 |
|
login.benefit.edenred.ro/ | Name: .AspNetCore.Antiforgery.zbjUl449ekk Value: CfDJ8JgAUERNJ4lAoSL15suwxZQ6NXey66ceHrBgEbvqqho0rPK3utz23zf8cvm3Y0wqGedbe6305cg7fkQs8avMm710XZmSBxvnUIUQdWwU65poK8129qHawVETg1z0OOYQhiIpJJAt0-_871nX_MGvXQQ |
|
login.benefit.edenred.ro/ | Name: TS0138889a Value: 011176c2bc1e66d6792c53e20dd10f988f0a2416af613face01d685abd507e78484c7d9560b9e79b90a08d78af8ea436986c5b191d |
|
login.benefit.edenred.ro/ | Name: TSbb8a9dd4027 Value: 086ce66ec3ab200040581b763e9125c45e0d1adafadaa34b6aa5ad985daa9e9a7cb1f2d4f4158cc40850fec21e11300020237f332733e8e2e390396cf4926ba7c83db5e469e853fa53ac1d353a7f75dff057c6b89e841150d08235b6e4fd0679 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self' https://druidapi.druidplatform.com https://directline.botframework.com;script-src 'self' https://prod-druid-apc.azureedge.net;object-src 'none';style-src 'self' 'unsafe-inline' https://prod-druid-apc.azureedge.net https://fonts.googleapis.com;img-src 'self' data: https://www.edenred.ro;frame-src https://privacyportal-de.onetrust.com;font-src 'self' data: https://fonts.googleapis.com https://fonts.gstatic.com;base-uri 'self';frame-ancestors 'none';block-all-mixed-content |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | DENY |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
app.benefitsystems.ro
druidapi.druidplatform.com
fonts.googleapis.com
login.benefit.edenred.ro
prod-druid-apc.azureedge.net
tracking.benefitsystems.ro
www.edenred.ro
107.162.162.24
13.107.246.38
142.251.111.95
159.60.128.252
18.198.218.66
20.82.36.44
21b370094d06d7c094e1d5569ad3d66c99aed73e666fbda1e9e1420387e48382
273b7099e0f8e7884a210216bcb4be544d39a3e9374042a3c52907c9f9fbcdbb
43c1442ae5959bac5957595d96e6503bbce4ba333af532fe4264d283ffe7453f
459cb2fb6609902f18243e5949eec7a4bb2999a99ebfd44120f33bc2530b3ea8
4c23e90cae5d7927f1c2c651f18366c13a6c73604df1e118668c935d745c2397
4f80395939b162664b733b6179162fa391cf8e4572d02b62e0f39d57953586c7
532a8591a3844361e3ac607e4a142b621400a0a01c5b74f53b5af9e0b0804c48
5969f497d9158d7682f8219c6f13fa67269cdf5bf50a3931d95327151dee5678
63434ce3722e02ed9937660e3cef8274ed750e403bed0796807dfc3d1c3fabfb
667e716410d4179091ce1c2c9e89e58853c9a98b00e5570282864dd333fc5bef
69e9aacdd509e5e5825c58b205f14f245d5655fdf60f65afff34932090931b72
6bd452b2fda144743527b30adc803a4e1dae1cfbc6168bcc9d20028327e3dd00
77e1051e759bb5b784b7c5ab7275f5aca13821a3ccd365b7e394ea9a7b20f6d4
873388935ce77753a055db3212a73f411ff0475c5b15326b42e70bfb2032a1a8
9ef5aaf6c6a1b7706f3f6e2f44b0f149a9743c2edfb5598b3d26ba2864ac9129
a2c8541f7adc1b24cb88dfb230acb6084773596c9e6dc49b746988f4dd8280fb
a9705dfc47c0763380d851ab1801be6f76019f6b67e40e9b873f8b4a0603f7a9
b2d798b344a9e9958f7b9c8b5275f3ae2d9be4b7558d3beb626bab57f66abf1d
ba01203e194d247efeadf1dcb0208b3eb89c20bf9e363a90a39192d8226d01d6
ba38dcc2bb8f52a1e054b6c99c461b41e47c8b58ea7724abff6a4e8ff33c2333
c682708d6391010f415ffb79ac15d35682f71723b18ef5cae96f8539be44308f
d184431ddf5595d43eb6de511bc7501f07265578aa855ea7510a15e3938e1bc9
fa59ba562c89e734d82b257a43307c09bcee2b9c6ca031552ec73b84eafc4474