login.hagerty.com
Open in
urlscan Pro
192.149.219.18
Public Scan
Effective URL: https://login.hagerty.com/identity/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DProd%2520Usa...
Submission Tags: falconsandbox
Submission: On August 19 via api from US — Scanned from DE
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 30th 2022. Valid for: a year.
This is the only time login.hagerty.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN46252 (HIA-TRCY, US)
PTR: 192-149-219-5.static.hagerty.com
www.hagertyagent.com |
ASN46252 (HIA-TRCY, US)
PTR: 192-149-219-18.static.hagerty.com
login.hagerty.com |
ASN16509 (AMAZON-02, US)
d1jv48tuz4bz39.cloudfront.net |
ASN16625 (AKAMAI-AS, US)
PTR: a104-75-88-194.deploy.static.akamaitechnologies.com
tags.tiqcdn.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-174-144.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16625 (AKAMAI-AS, US)
PTR: a96-16-147-243.deploy.static.akamaitechnologies.com
www.everestjs.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-107-221.compute-1.amazonaws.com
www.glancecdn.net |
ASN16509 (AMAZON-02, US)
storage.glancecdn.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-148-115.eu-west-1.compute.amazonaws.com
hagerty.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
secu.hagerty.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-243-107.eu-west-1.compute.amazonaws.com
cm.everesttech.net |
ASN54113 (FASTLY, US)
lasteventf-tm.everesttech.net | |
sync-tm.everesttech.net |
ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net |
ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com |
ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com |
ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net |
Apex Domain Subdomains |
Transfer | |
---|---|---|
19 |
hagerty.com
1 redirects
login.hagerty.com — Cisco Umbrella Rank: 351403 secu.hagerty.com — Cisco Umbrella Rank: 214154 |
333 KB |
10 |
everesttech.net
9 redirects
cm.everesttech.net — Cisco Umbrella Rank: 872 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 5953 sync-tm.everesttech.net — Cisco Umbrella Rank: 590 |
2 KB |
5 |
cloudfront.net
d1jv48tuz4bz39.cloudfront.net |
195 KB |
4 |
demdex.net
1 redirects
dpm.demdex.net — Cisco Umbrella Rank: 201 hagerty.demdex.net — Cisco Umbrella Rank: 194379 |
7 KB |
3 |
tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 887 |
64 KB |
2 |
spotxchange.com
1 redirects
sync.search.spotxchange.com — Cisco Umbrella Rank: 521 |
1 KB |
2 |
adnxs.com
1 redirects
ib.adnxs.com — Cisco Umbrella Rank: 230 |
2 KB |
2 |
casalemedia.com
1 redirects
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 525 |
2 KB |
2 |
doubleclick.net
1 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 214 |
906 B |
2 |
glancecdn.net
1 redirects
www.glancecdn.net — Cisco Umbrella Rank: 3447 storage.glancecdn.net — Cisco Umbrella Rank: 4573 |
5 KB |
2 |
hagertyagent.com
2 redirects
www.hagertyagent.com — Cisco Umbrella Rank: 390455 |
3 KB |
1 |
facebook.com
www.facebook.com — Cisco Umbrella Rank: 111 |
563 B |
1 |
pubmatic.com
image2.pubmatic.com — Cisco Umbrella Rank: 877 |
225 B |
1 |
openx.net
us-u.openx.net — Cisco Umbrella Rank: 399 |
273 B |
1 |
rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 327 |
239 B |
1 |
everestjs.net
www.everestjs.net — Cisco Umbrella Rank: 5656 |
3 KB |
40 | 16 |
Domain | Requested by | |
---|---|---|
17 | login.hagerty.com |
1 redirects
login.hagerty.com
|
8 | sync-tm.everesttech.net | 8 redirects |
5 | d1jv48tuz4bz39.cloudfront.net |
login.hagerty.com
d1jv48tuz4bz39.cloudfront.net |
3 | dpm.demdex.net |
1 redirects
login.hagerty.com
|
3 | tags.tiqcdn.com |
login.hagerty.com
tags.tiqcdn.com |
2 | sync.search.spotxchange.com | 1 redirects |
2 | ib.adnxs.com | 1 redirects |
2 | dsum-sec.casalemedia.com | 1 redirects |
2 | cm.g.doubleclick.net | 1 redirects |
2 | secu.hagerty.com |
login.hagerty.com
|
2 | www.hagertyagent.com | 2 redirects |
1 | www.facebook.com | |
1 | image2.pubmatic.com | |
1 | us-u.openx.net | |
1 | pixel.rubiconproject.com | |
1 | lasteventf-tm.everesttech.net |
login.hagerty.com
|
1 | cm.everesttech.net | 1 redirects |
1 | hagerty.demdex.net |
tags.tiqcdn.com
|
1 | storage.glancecdn.net |
login.hagerty.com
|
1 | www.glancecdn.net | 1 redirects |
1 | www.everestjs.net |
tags.tiqcdn.com
|
40 | 21 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.hagerty.com |
www.hagerty.ca |
www.hagertyinsurance.co.uk |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.hagerty.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-03-30 - 2023-04-30 |
a year | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.tiqcdn.com DigiCert SHA2 Secure Server CA |
2022-02-27 - 2023-02-28 |
a year | crt.sh |
www.everestjs.net DigiCert TLS RSA SHA256 2020 CA1 |
2022-08-09 - 2023-09-09 |
a year | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-10-19 - 2022-11-19 |
a year | crt.sh |
secu.hagerty.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-04-02 - 2023-05-03 |
a year | crt.sh |
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q1 |
2022-02-03 - 2023-03-07 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://login.hagerty.com/identity/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DProd%2520Usa%2520Agent%257CTransactional%26redirect_uri%3Dhttps%253A%252F%252Fwww.hagertyagent.com%252Foidc%252Fcallback%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520BrokerRep%2520ProcessApi%2520PartialTrust%2520%26state%3DOpenIdConnect.AuthenticationProperties%253DWeiOEuVEqHulirBqOtrCmhqWXb26HF6YEOxHIpWnv0JTX7jIBbgRNLqoCuUWwWnpWU8m-_hxypt-iyrA51gWrNxjrSoFsNdFWysCog8GwOUsHR8S-8a101KInsy5U_N7WPgcA-lY_tYU4ue4eYOsN2PiYft23u0WQlxUeCkrSHXHPi4mKAMlZSPjBZCTvdQM6E1hqDidxAS8zhU1AEPW_TKWFeITMM1S0fA__PS7ipFTR22roeYPEr6cpiTQXbVNb5eNEOI2G2-u15_35SffgMSbfv4%26response_mode%3Dform_post%26nonce%3D637965439367275277.NTcyYzZkOWMtYmUwMC00MzE2LTk0ODMtNWQ1MGMwYmY4MDRhYzVmZmRlMTktYTE4MC00OTlhLThjZWItMDdmZTUzNzdkNTgx%26acr_values%3Dpartial%2520BrokerRep%26prompt%3Dlogin%26Hagerty.ct%3D8jWHrx3W3UFTtxrtFzwSg%26x-client-SKU%3DID_NET45%26x-client-ver%3D5.3.0.0%26suppressed_prompt%3Dlogin
Frame ID: 0C4F9EED47B254696FC89F8ECC2090D8
Requests: 32 HTTP requests in this frame
Frame:
https://hagerty.demdex.net/dest5.html?d_nsid=0
Frame ID: 3BDE0C576C229BF89A466AAEA8C44A1C
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
Login - HagertyPage URL History Show full URLs
-
http://www.hagertyagent.com/agent/home
HTTP 301
https://www.hagertyagent.com/agent/home HTTP 302
https://login.hagerty.com/identity/connect/authorize?client_id=Prod%20Usa%20Agent%7CTransactional&redi... HTTP 302
https://login.hagerty.com/identity/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3Fclie... Page URL
Detected technologies
Bootstrap (Web Frameworks) ExpandDetected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppNexus (Advertising Networks) Expand
Detected patterns
- adnxs\.(?:net|com)
OpenX (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.openx\.net
PubMatic (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.pubmatic\.com
Rubicon Project (Advertising Networks) Expand
Detected patterns
- https?://[^/]*\.rubiconproject\.com
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://www.hagertyagent.com/agent/home
HTTP 301
https://www.hagertyagent.com/agent/home HTTP 302
https://login.hagerty.com/identity/connect/authorize?client_id=Prod%20Usa%20Agent%7CTransactional&redirect_uri=https%3A%2F%2Fwww.hagertyagent.com%2Foidc%2Fcallback&response_type=code%20id_token&scope=openid%20profile%20email%20offline_access%20BrokerRep%20ProcessApi%20PartialTrust%20&state=OpenIdConnect.AuthenticationProperties%3DWeiOEuVEqHulirBqOtrCmhqWXb26HF6YEOxHIpWnv0JTX7jIBbgRNLqoCuUWwWnpWU8m-_hxypt-iyrA51gWrNxjrSoFsNdFWysCog8GwOUsHR8S-8a101KInsy5U_N7WPgcA-lY_tYU4ue4eYOsN2PiYft23u0WQlxUeCkrSHXHPi4mKAMlZSPjBZCTvdQM6E1hqDidxAS8zhU1AEPW_TKWFeITMM1S0fA__PS7ipFTR22roeYPEr6cpiTQXbVNb5eNEOI2G2-u15_35SffgMSbfv4&response_mode=form_post&nonce=637965439367275277.NTcyYzZkOWMtYmUwMC00MzE2LTk0ODMtNWQ1MGMwYmY4MDRhYzVmZmRlMTktYTE4MC00OTlhLThjZWItMDdmZTUzNzdkNTgx&acr_values=partial%20BrokerRep&prompt=login&Hagerty.ct=8jWHrx3W3UFTtxrtFzwSg&x-client-SKU=ID_NET45&x-client-ver=5.3.0.0 HTTP 302
https://login.hagerty.com/identity/Login?ReturnUrl=%2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DProd%2520Usa%2520Agent%257CTransactional%26redirect_uri%3Dhttps%253A%252F%252Fwww.hagertyagent.com%252Foidc%252Fcallback%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520BrokerRep%2520ProcessApi%2520PartialTrust%2520%26state%3DOpenIdConnect.AuthenticationProperties%253DWeiOEuVEqHulirBqOtrCmhqWXb26HF6YEOxHIpWnv0JTX7jIBbgRNLqoCuUWwWnpWU8m-_hxypt-iyrA51gWrNxjrSoFsNdFWysCog8GwOUsHR8S-8a101KInsy5U_N7WPgcA-lY_tYU4ue4eYOsN2PiYft23u0WQlxUeCkrSHXHPi4mKAMlZSPjBZCTvdQM6E1hqDidxAS8zhU1AEPW_TKWFeITMM1S0fA__PS7ipFTR22roeYPEr6cpiTQXbVNb5eNEOI2G2-u15_35SffgMSbfv4%26response_mode%3Dform_post%26nonce%3D637965439367275277.NTcyYzZkOWMtYmUwMC00MzE2LTk0ODMtNWQ1MGMwYmY4MDRhYzVmZmRlMTktYTE4MC00OTlhLThjZWItMDdmZTUzNzdkNTgx%26acr_values%3Dpartial%2520BrokerRep%26prompt%3Dlogin%26Hagerty.ct%3D8jWHrx3W3UFTtxrtFzwSg%26x-client-SKU%3DID_NET45%26x-client-ver%3D5.3.0.0%26suppressed_prompt%3Dlogin Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 22- https://dpm.demdex.net/id?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4E595AA757FF94E40A495DC7%40AdobeOrg&d_nsid=0&ts=1660947135896 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.2.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=4E595AA757FF94E40A495DC7%40AdobeOrg&d_nsid=0&ts=1660947135896
- https://www.glancecdn.net/cobrowse/CobrowseJS.ashx?group=19581&site=production HTTP 302
- https://storage.glancecdn.net/cobrowse/js/GlanceCobrowseLoader_5.4.3M.js
- https://cm.everesttech.net/cm/dd?d_uuid=91352312572092935783718468562578832111 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=YwAKwwAAAFo8wAN6
- https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WXdBS3d3QUFBRm84d0FONg== HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push=&google_sc=&google_hm=WXdBS3d3QUFBRm84d0FONg==&google_tc=
- https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
- https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=YwAKwwAAAFo8wAN6&expires=90
- https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwAKwwAAAFo8wAN6 HTTP 302
- https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=YwAKwwAAAFo8wAN6&C=1
- https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
- https://ib.adnxs.com/setuid?entity=158&code=YwAKwwAAAFo8wAN6 HTTP 307
- https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D158%26code%3DYwAKwwAAAFo8wAN6
- https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
- https://us-u.openx.net/w/1.0/sd?id=537148856&val=YwAKwwAAAFo8wAN6
- https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YwAKwwAAAFo8wAN6
- https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YwAKwwAAAFo8wAN6&img=1 HTTP 302
- https://sync.search.spotxchange.com/partner?adv_id=6409&uid=YwAKwwAAAFo8wAN6&img=1&__user_check__=1&sync_id=fe611ea8-200b-11ed-a6f6-10d4c6b20306
- https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
- https://www.facebook.com/fr/b.php?p=1531105787105294&e=YwAKwwAAAFo8wAN6&t=2592000&o=0
40 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Login
login.hagerty.com/identity/ Redirect Chain
|
20 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.min.css
login.hagerty.com/css/fleetwood/ |
161 KB 37 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app_hds.css
login.hagerty.com/css/hds/ |
82 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fleetwood-override.css
login.hagerty.com/css/fleetwood/ |
4 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
app_overrides.css
login.hagerty.com/css/hds/ |
64 B 527 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gt-america.css
d1jv48tuz4bz39.cloudfront.net/fonts/gt-america/ |
1 KB 650 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.sync.js
tags.tiqcdn.com/utag/hagerty/account/prod/ |
109 B 343 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery-3.6.0.min.js
login.hagerty.com/js/useradmin/ |
87 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.min.js
login.hagerty.com/js/useradmin/ |
24 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.validate.unobtrusive.min.js
login.hagerty.com/js/useradmin/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
hds.bundle.min.js
login.hagerty.com/js/hds/ |
61 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrap.js
login.hagerty.com/js/ |
68 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bootstrapx-clickover.js
login.hagerty.com/js/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
site.js
login.hagerty.com/js/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common_h.js
login.hagerty.com/scripts/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
passwordVisbilityToggle.js
login.hagerty.com/js/fleetwood/ |
388 B 695 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GT-America-Standard-Regular.woff2
d1jv48tuz4bz39.cloudfront.net/fonts/gt-america/ |
46 KB 46 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GT-America-Extended-Bold.woff2
d1jv48tuz4bz39.cloudfront.net/fonts/gt-america/ |
50 KB 50 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GT-America-Standard-Medium.woff2
d1jv48tuz4bz39.cloudfront.net/fonts/gt-america/ |
49 KB 49 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GT-America-Standard-Bold.woff2
d1jv48tuz4bz39.cloudfront.net/fonts/gt-america/ |
49 KB 49 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js
tags.tiqcdn.com/utag/hagerty/account/prod/ |
207 KB 63 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icons.svg
login.hagerty.com/css/hds/ |
80 KB 27 KB |
XHR
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common_h.js
login.hagerty.com/scripts/ |
235 KB 136 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
2 KB 2 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
last-event-tag-latest.min.js
www.everestjs.net/static/le/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
GlanceCobrowseLoader_5.4.3M.js
storage.glancecdn.net/cobrowse/js/ Redirect Chain
|
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 216 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
hagerty.demdex.net/ Frame 3BDE |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
secu.hagerty.com/ |
48 B 459 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=YwAKwwAAAFo8wAN6
dpm.demdex.net/ Redirect Chain
|
42 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
lasteventf-tm.everesttech.net/ |
0 208 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
s15819533419192
secu.hagerty.com/b/ss/haghagertyglobalprod/1/JS-2.22.0/ |
43 B 306 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pixel
cm.g.doubleclick.net/ Frame 3BDE Redirect Chain
|
170 B 243 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
89 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tap.php
pixel.rubiconproject.com/ Frame 3BDE Redirect Chain
|
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
rum
dsum-sec.casalemedia.com/ Frame 3BDE Redirect Chain
|
43 B 942 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bounce
ib.adnxs.com/ Frame 3BDE Redirect Chain
|
43 B 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sd
us-u.openx.net/w/1.0/ Frame 3BDE Redirect Chain
|
43 B 273 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 3BDE Redirect Chain
|
0 225 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
partner
sync.search.spotxchange.com/ Frame 3BDE Redirect Chain
|
43 B 549 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b.php
www.facebook.com/fr/ Frame 3BDE Redirect Chain
|
43 B 563 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
42 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| IsInIframe boolean| js_mobile_app_value object| utag_data function| triggerAnalyticsForExample function| $ function| jQuery object| HagertyModals object| hds object| HIA object| utag_err boolean| utag_condload object| utag function| e object| s function| AppMeasurement function| s_gi function| s_pgicq function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_ActivityMap function| _tealium_old_error object| adobe function| Visitor object| s_c_il number| s_c_in number| s_objectID number| s_giq function| AdCloudEvent string| imsOrgId string| rsid object| adCloudCookieData object| cookieInstance object| s_i_haghagertyglobalprod object| GLANCE29 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.hagertyagent.com/ | Name: OpenIdConnect.nonce.hluru6Qtn7JTcV3gGNkS8MowAKHcwbEpZ1u9558GOrw%3D Value: Q3N3UUhMdDNQQUg3c0dabE5RT1pBOHRLYkxxeXRHM3FtZGJNeHljVGtMY0l3b3MtSjV2bno2UXFFdkh3UFZRT1A0ZkV6NnpsMWNPTFM2NTI2N2xRLXNnc3FwVEZwOUhLZkdMaEtha3k5anhCVnV6TkRBRTFMcHB0SElEQlQ0WTFaenBiRVZJckxJekxMd2Rsd0dpaVBZQkJJVE5DdmwxVEowYTdxNHNDVTdza3hhWmEwdUxpLXBvbjNPbXl5WUVKRTEzSUxZV1RrRDd0U2F0cHdVa1ltSlY3Q0hF |
|
www.hagertyagent.com/ | Name: Hagerty.ct Value: 8jWHrx3W3UFTtxrtFzwSg |
|
www.hagertyagent.com/ | Name: ASP.NET_SessionId Value: qpy4styoid32cfwvbk0iy3al |
|
www.hagertyagent.com/ | Name: Hagerty.PendingChallenge Value: _2WcMDIrzWwfFc9WSKKiM0V4dAzOGG5a1fXdHbBF7ovO9eUA6LxpUWhZNqRq-Pw0aAzteUZ1ETby6jjscH9CBIK-zumaN4gL1Ro4Qj7-aWU3-tAMwwpHb6ywcBrNFoQPAuaX4Ruk5DBTuSW6SSNa5tlgAfdluZcNXpCtwYtD-OItxxZeZL2Vo8B44FC4tWNyi_0qyemTy89V6IJdpQQSwKoqhTCeASXB1UsybR66IpMNVe2gsDAk-Nvc_gDBHH0w6dm6lg |
|
login.hagerty.com/ | Name: ReturnUrl Value: %2Fidentity%2Fconnect%2Fauthorize%2Fcallback%3Fclient_id%3DProd%2520Usa%2520Agent%257CTransactional%26redirect_uri%3Dhttps%253A%252F%252Fwww.hagertyagent.com%252Foidc%252Fcallback%26response_type%3Dcode%2520id_token%26scope%3Dopenid%2520profile%2520email%2520offline_access%2520BrokerRep%2520ProcessApi%2520PartialTrust%2520%26state%3DOpenIdConnect.AuthenticationProperties%253DWeiOEuVEqHulirBqOtrCmhqWXb26HF6YEOxHIpWnv0JTX7jIBbgRNLqoCuUWwWnpWU8m-_hxypt-iyrA51gWrNxjrSoFsNdFWysCog8GwOUsHR8S-8a101KInsy5U_N7WPgcA-lY_tYU4ue4eYOsN2PiYft23u0WQlxUeCkrSHXHPi4mKAMlZSPjBZCTvdQM6E1hqDidxAS8zhU1AEPW_TKWFeITMM1S0fA__PS7ipFTR22roeYPEr6cpiTQXbVNb5eNEOI2G2-u15_35SffgMSbfv4%26response_mode%3Dform_post%26nonce%3D637965439367275277.NTcyYzZkOWMtYmUwMC00MzE2LTk0ODMtNWQ1MGMwYmY4MDRhYzVmZmRlMTktYTE4MC00OTlhLThjZWItMDdmZTUzNzdkNTgx%26acr_values%3Dpartial%2520BrokerRep%26prompt%3Dlogin%26Hagerty.ct%3D8jWHrx3W3UFTtxrtFzwSg%26x-client-SKU%3DID_NET45%26x-client-ver%3D5.3.0.0%26suppressed_prompt%3Dlogin |
|
login.hagerty.com/ | Name: .AspNetCore.Antiforgery.zbjUl449ekk Value: CfDJ8I3f54WDuW9AiiuNUAL3lTZ9SYuMOBIX3tjMmaQJ0frFcQrr6NtlrFyOH7Wn93EBNaVDuvk9j2ATlFWfKk2_EobX-4xE0lxBYRPNyxixKxg7qc8KCpPZVdes1OruR24P2zRxlwN5E9Uj4Ro9OPyyI14 |
|
login.hagerty.com/ | Name: ADRUM_BTa Value: R%3A0%7Cg%3A71e69023-921b-4671-b08f-9c30665cef07%7Cn%3AHagertyInsuranceAgencyInc_727bf6ee-d910-4fd1-ba68-d63c178846e0 |
|
login.hagerty.com/ | Name: SameSite Value: None |
|
login.hagerty.com/ | Name: ADRUM_BT1 Value: R%3A0%7Ci%3A416297%7Ce%3A31 |
|
.hagerty.com/ | Name: l4NgKsS3 Value: AxcIKriCAQAAS1HH_zVd9MTi-uZI7gmVlqE4YzodiKx-e_ZoYa2LH3YFow2qAbnVm6Wucm46wH8AAEB3AAAAAA|1|0|3105a166f16467734b3a9ca4f203665dd13ce64e |
|
.hagerty.com/ | Name: CONSENTMGR Value: consent:true%7Cts:1660947135884 |
|
.hagerty.com/ | Name: utag_main Value: v_id:0182b829fd870030afbe1c0aa8fc03074040c06c00b08$_sn:1$_se:1$_ss:1$_st:1660948935880$ses_id:1660947135880%3Bexp-session$_pn:1%3Bexp-session$_prevpage:identity%20%3A%20login%3Bexp-1660950735887$vapi_domain:hagerty.com |
|
.demdex.net/ | Name: demdex Value: 91352312572092935783718468562578832111 |
|
.hagerty.com/ | Name: AMCVS_4E595AA757FF94E40A495DC7%40AdobeOrg Value: 1 |
|
.hagerty.com/ | Name: s_ecid Value: MCMID%7C91131202596676824783685129281767134539 |
|
.everesttech.net/ | Name: everest_g_v2 Value: g_surferid~YwAKwwAAAFo8wAN6 |
|
.dpm.demdex.net/ | Name: dpm Value: 91352312572092935783718468562578832111 |
|
.hagerty.com/ | Name: adcloud Value: {%22_les_v%22:%22y%2Chagerty.com%2C1660948936%22} |
|
.hagerty.com/ | Name: s_cc Value: true |
|
.hagerty.com/ | Name: AMCV_4E595AA757FF94E40A495DC7%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19224%7CMCMID%7C91131202596676824783685129281767134539%7CMCAAMLH-1661551936%7C6%7CMCAAMB-1661551936%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1660954336s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19231%7CvVersion%7C5.2.0 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.casalemedia.com/ | Name: CMID Value: YwAKw.40W3doSWMPJzQH9wAA |
|
.casalemedia.com/ | Name: CMPS Value: 1210 |
|
.casalemedia.com/ | Name: CMPRO Value: 1210 |
|
.casalemedia.com/ | Name: CMTS Value: 1163 |
|
.adnxs.com/ | Name: uuid2 Value: 7081136168339289140 |
|
.adnxs.com/ | Name: anj Value: dTM7k!M4.FErk#WF']wIg2Hb=ar^b'!1yIE`_bm.dc%TM/sS8Mp_vRdpnm8wHh/wiF0vWFG?YL@%(2K:$doRL2xc>Hx7R)0@r=<O0/rwze8php!!'n%*%/Hv |
|
.demdex.net/ | Name: dextp Value: 144230-1-1660947136518|144231-1-1660947136621|144232-1-1660947136723|144233-1-1660947136824|144234-1-1660947136925|144235-1-1660947137026|144236-1-1660947137127|144237-1-1660947137228 |
|
.spotxchange.com/ | Name: audience Value: fe611e47-200b-11ed-a6f6-10d4c6b20306 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | default-src 'self';img-src 'self' https://secu.hagerty.com https://*.everestjs.net https://s3.amazonaws.com https://*.everesttech.net https://*.demdex.net data:;connect-src 'self' https://*.demdex.net https://secu.hagerty.com https://*.glance.net wss://*.glance.net https://*.everesttech.net 'unsafe-inline' https://*.hagerty.com https://*.hagerty.ca https://*.hagertyagent.com https://*.hagertybroker.ca;script-src 'self' https://tags.tiqcdn.com https://*.demdex.net https://secu.hagerty.com https://*.everestjs.net https://*.glancecdn.net https://s3.amazonaws.com https://*.everesttech.net 'unsafe-eval' 'unsafe-inline';frame-src 'self' https://*.demdex.net https://*.everestjs.net https://*.everesttech.net;style-src 'self' https://d1jv48tuz4bz39.cloudfront.net https://*.glancecdn.net https://s3.amazonaws.com 'unsafe-inline';font-src 'self' https://d1jv48tuz4bz39.cloudfront.net https://s3.amazonaws.com;base-uri 'self';object-src 'none';frame-ancestors 'self';block-all-mixed-content;sandbox allow-forms allow-modals allow-same-origin allow-scripts; |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Security-Policy | default-src 'self';img-src 'self' https://secu.hagerty.com https://*.everestjs.net https://s3.amazonaws.com https://*.everesttech.net https://*.demdex.net data:;connect-src 'self' https://*.demdex.net https://secu.hagerty.com https://*.glance.net wss://*.glance.net https://*.everesttech.net 'unsafe-inline' https://*.hagerty.com https://*.hagerty.ca https://*.hagertyagent.com https://*.hagertybroker.ca;script-src 'self' https://tags.tiqcdn.com https://*.demdex.net https://secu.hagerty.com https://*.everestjs.net https://*.glancecdn.net https://s3.amazonaws.com https://*.everesttech.net 'unsafe-eval' 'unsafe-inline';frame-src 'self' https://*.demdex.net https://*.everestjs.net https://*.everesttech.net;style-src 'self' https://d1jv48tuz4bz39.cloudfront.net https://*.glancecdn.net https://s3.amazonaws.com 'unsafe-inline';font-src 'self' https://d1jv48tuz4bz39.cloudfront.net https://s3.amazonaws.com;base-uri 'self';object-src 'none';frame-ancestors 'self';block-all-mixed-content;sandbox allow-forms allow-modals allow-same-origin allow-scripts; |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cm.everesttech.net
cm.g.doubleclick.net
d1jv48tuz4bz39.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
hagerty.demdex.net
ib.adnxs.com
image2.pubmatic.com
lasteventf-tm.everesttech.net
login.hagerty.com
pixel.rubiconproject.com
secu.hagerty.com
storage.glancecdn.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tags.tiqcdn.com
us-u.openx.net
www.everestjs.net
www.facebook.com
www.glancecdn.net
www.hagertyagent.com
104.18.19.126
104.75.88.194
13.36.218.177
142.250.185.98
151.101.130.49
185.64.190.80
185.94.180.125
192.149.219.18
192.149.219.5
2600:9000:206e:e00:d:addc:2400:93a1
2600:9000:21f3:8a00:18:5b25:9940:93a1
2a03:2880:f107:83:face:b00c:0:25de
34.98.64.218
37.252.173.215
52.17.148.115
52.215.243.107
54.156.107.221
54.72.174.144
69.173.144.138
96.16.147.243
052015409fae1fce9052a30e114a7ffaf2a2a2bb48581e1654a0072a07aca125
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10d074f6dde0753222b5f562007c830dfcf89c1ecdb8beca67765104ac0e2e1c
12ce3ba8e334366d050bfb9d2e462dc94831c63f720c9240e1818baf2506f7b5
1fc39d86f356a710875ddf4eb30f11ef23ac5a3f4240a183325ba361506c60cc
244fa11165f98ff7551a5decf9fb91db60129bfa561954aa4edfea9a4e746f33
29b18d1e4381d952e1c207d1a5f7d8f8a565798e3088390aed7e8e28d16afd06
2d16e14fa7a314e1476611a59e84deab05c26c5a297e1a0cc25a162f673fc07d
403154ff9873eb5e4f50b22379ec63123880d832a21e470be03903793e71bbf5
4a94e2aa29b4ee4d839bae6ede9745874aaf07d3e5ed34689e0e7462dcc7567a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fa9d3324c151a023efdcfc8bbe874688f4ca043b46a0a1048f0e4d7fb7885ff
50e6072d26098d48004a30addeecabd5b22b91e5ccdf9dd86f96459783e3ac23
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
57089a03c5b0eccbcb946795396f8d386e0134112fa00fb848d99b6cd82e831c
6ba7cce008c5fb2c850ca5b96990cbe6ddb30d486874606ec17158526d356b3d
757f51d08947e3230c57c04ac591f556c6581d584ea71133358464f54a7cb8f5
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
8580288c6c4507eec30653021057fc2faf0fed0460f2a3a919a1871464756bb4
88c860f0c8e416c6103e385d4963610b12177a9d67009e26544756e974fbc64f
8dc3ddc9e56eedffd4573183a612f39b9ec03099a75f1998100a88a42cf96546
a0c2a7a1d233e0904fc56dac825d2c939b934e2e8ea78bbed95b8998b8f42263
a1d920e5707c4481d977512de6785f7c75b64968e4c1d2c5942f6d0f3ad19de3
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
abe47c26290fb786495e9762c4aa85992e3432d0f0dd9c5e54f2950ceb91f229
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
c03c6fae2312f0dce03a40fe9815388bb4441492b44897d89176b5a9c2a7897f
ce9d07500ad91ec2b524c270764ec4c9a33e78320d8d374ec400ede488f6251b
dbe9c80ba86eb6cffcc5914e701f0f4941919c3b2d2d086ecfd74c829e98a276
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e73d387b841a7e5cde112222ec5fd39f84ca6e2d60394d2e24f8ddd945702755
e89214e40a724ee4986e5ba557f8e4b2e2e72d6a964d106d6d5ac2f615149e75
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5f66b2861ec72b02a41fd5d6be01ce3f9f1f0a9e35d03ed363a48a8e9281028
fc3dbf8c2706d0485a6af45e0cc23f551c9d572ac40b59e52ffa70b98ac0c3a0