![](/screenshots/8d1bb690-858a-4c9d-9506-04208ae33d77.png)
quotes.qualifymedicare.com
Open in
urlscan Pro
67.205.157.224
Public Scan
Effective URL: https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=2...
Submission: On November 01 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by R3 on October 27th 2021. Valid for: 3 months.
This is the only time quotes.qualifymedicare.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN15169 (GOOGLE, US)
PTR: 23.11.133.34.bc.googleusercontent.com
23.11.133.34.bc.googleusercontent.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-236-164-87.us-west-2.compute.amazonaws.com
puysegura.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-225-97.us-west-1.compute.amazonaws.com
dnuohxof.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-170-55.eu-west-1.compute.amazonaws.com
qv.qvtrack.com |
ASN14061 (DIGITALOCEAN-ASN, US)
quotes.qualifymedicare.com |
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f8.1e100.net
www.googletagmanager.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-206-51.fra56.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-243-42-155.compute-1.amazonaws.com
insurance.mediaalpha.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-118.fra60.r.cloudfront.net
ns.qualifymedicare.com |
ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com
sessions.bugsnag.com |
ASN15169 (GOOGLE, US)
PTR: fra16s45-in-f14.1e100.net
www.google-analytics.com |
ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-frt3.fbcdn.net
connect.facebook.net |
ASN15169 (GOOGLE, US)
PTR: wl-in-f155.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f4.1e100.net
www.google.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-15.fra56.r.cloudfront.net
cdn.trustedform.com |
ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net
fonts.gstatic.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-123.fra56.r.cloudfront.net
js.callcdn.com |
Domain | Requested by | |
---|---|---|
18 | quotes.qualifymedicare.com |
23.11.133.34.bc.googleusercontent.com
quotes.qualifymedicare.com cdn.trustedform.com |
6 | connect.facebook.net |
23.11.133.34.bc.googleusercontent.com
connect.facebook.net |
6 | sessions.bugsnag.com |
d2wy8f7a9ursnm.cloudfront.net
|
4 | fonts.gstatic.com |
quotes.qualifymedicare.com
|
4 | www.google-analytics.com |
www.googletagmanager.com
quotes.qualifymedicare.com |
2 | cdn.trustedform.com |
quotes.qualifymedicare.com
cdn.trustedform.com |
1 | d2m2wsoho8qq12.cloudfront.net |
create.lidstatic.com
|
1 | api.trustedform.com |
cdn.trustedform.com
|
1 | create.leadid.com |
create.lidstatic.com
|
1 | display.ringba.com |
js.callcdn.com
|
1 | js.callcdn.com |
quotes.qualifymedicare.com
|
1 | create.lidstatic.com |
quotes.qualifymedicare.com
|
1 | www.google.de |
quotes.qualifymedicare.com
|
1 | www.google.com |
quotes.qualifymedicare.com
|
1 | stats.g.doubleclick.net |
www.google-analytics.com
|
1 | ns.qualifymedicare.com |
quotes.qualifymedicare.com
|
1 | insurance.mediaalpha.com |
quotes.qualifymedicare.com
|
1 | d2wy8f7a9ursnm.cloudfront.net |
quotes.qualifymedicare.com
|
1 | www.googletagmanager.com |
quotes.qualifymedicare.com
|
1 | polyfill.io |
quotes.qualifymedicare.com
|
1 | qv.qvtrack.com | 1 redirects |
1 | dnuohxof.com | 1 redirects |
1 | puysegura.com | 1 redirects |
1 | 23.11.133.34.bc.googleusercontent.com | |
0 | nsapi.qualifymedicare.com Failed |
ns.qualifymedicare.com
|
63 | 25 |
This site contains links to these domains. Also see Links.
Domain |
---|
qualifymedicare.com |
privacyportal-eu-cdn.onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
qualifymedicare.com R3 |
2021-10-27 - 2022-01-25 |
3 months | crt.sh |
polyfill.io GlobalSign Atlas R3 DV TLS CA 2020 |
2021-06-04 - 2022-07-06 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2021-10-04 - 2021-12-27 |
3 months | crt.sh |
*.cloudfront.net Amazon |
2021-03-19 - 2022-03-17 |
a year | crt.sh |
mediaalpha.com Amazon |
2021-08-10 - 2022-09-08 |
a year | crt.sh |
ns.qualifymedicare.com Amazon |
2021-06-30 - 2022-07-29 |
a year | crt.sh |
*.bugsnag.com Sectigo RSA Domain Validation Secure Server CA |
2021-05-05 - 2022-05-05 |
a year | crt.sh |
*.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-08-11 - 2021-11-09 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2021-10-04 - 2021-12-27 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2021-10-04 - 2021-12-27 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2021-10-04 - 2021-12-27 |
3 months | crt.sh |
cdn.trustedform.com Amazon |
2021-05-14 - 2022-06-12 |
a year | crt.sh |
lidstatic.com Cloudflare Inc ECC CA-3 |
2021-04-30 - 2022-04-29 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2021-10-04 - 2021-12-27 |
3 months | crt.sh |
*.callcdn.com Amazon |
2021-03-16 - 2022-04-14 |
a year | crt.sh |
*.ringba.com Amazon |
2021-01-12 - 2022-02-09 |
a year | crt.sh |
create.leadid.com Amazon |
2021-04-24 - 2022-05-23 |
a year | crt.sh |
*.trustedform.com Amazon |
2021-10-12 - 2022-11-09 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373
Frame ID: D41896A842345C77896EA42B83E9A2DB
Requests: 56 HTTP requests in this frame
Frame:
https://api.trustedform.com/certs
Frame ID: 7A0DB1BC10BD4DE385996099240CEEE7
Requests: 1 HTTP requests in this frame
Frame:
https://api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/snapshot
Frame ID: EB9F04DEAEF612E84559269BAAC0AFB2
Requests: 2 HTTP requests in this frame
Frame:
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=A4A84C10-178C-E62C-EA30-B895CCCEBB3C&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.7&lck=E925EC5A-9B7E-3937-CD4B-4FD00DEB5CC1&lac=19FF42BE-C948-1EA2-9AD5-1E59A50943FC
Frame ID: BE85222B41E2818DA09834C346679C2F
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/8d1bb690-858a-4c9d-9506-04208ae33d77.png)
Page URL History Show full URLs
- http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=RFlSeHJwRHNId2NoWlJ5dzF1NU9xZWR2V09xcTg0bHFpajEyeXJ1N0xVb0lNcjFxM... Page URL
-
https://puysegura.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067
HTTP 302
https://dnuohxof.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067&ckmguid=3b03f513-04cf-48a... HTTP 302
https://qv.qvtrack.com/aff_c?offer_id=20&aff_id=1373&aff_sub=4504&aff_sub2=16&aff_click_id=387869696 HTTP 302
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd352... Page URL
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
Title: QualifyMedicare
Search URL Search Domain Scan URL
Title: partners
Search URL Search Domain Scan URL
Title: click here.
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://23.11.133.34.bc.googleusercontent.com/t?encv=2&v=RFlSeHJwRHNId2NoWlJ5dzF1NU9xZWR2V09xcTg0bHFpajEyeXJ1N0xVb0lNcjFxMGF5cEpSdm54cWRndHN2b1hhb1V2VmlvQ01xQ2lLc0k3MmZNd0FPWWZxRmlVQ0pRNGpQUjZiOGVuR0JxdkNTaEgxOGVFaDlCcFV3U1BEOWhxODZKSFRXSGhUTHRQYXg4TlhpZWNTbkJ4R1pmdlZNV05vWGNFRG02RW44OFJ4aUxnOFRYSDJVcDRLUHpSd3pHbUdaM2dEY1Fnd3hnVnJHZGxiTE5WNDBtbjQxa0h4TEdkRC9lN2xKOS9pRT0= Page URL
-
https://puysegura.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067
HTTP 302
https://dnuohxof.com/?E=RKhVOoGiB9SqhbIyrU567cay2ltB7B34&s1=16&s2=36067&ckmguid=3b03f513-04cf-48a1-b461-0b0578b4f6cc HTTP 302
https://qv.qvtrack.com/aff_c?offer_id=20&aff_id=1373&aff_sub=4504&aff_sub2=16&aff_click_id=387869696 HTTP 302
https://quotes.qualifymedicare.com/medicare?&SRC=QV1373&Sub_ID=QV1373&Sub_ID2=4504&Pub_ID=102d646a30a9d9d1bd3524a6fa9879&offer_id=20&affiliate_id=1373&transaction_id=102d646a30a9d9d1bd3524a6fa9879&sid=qv_1373 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
63 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
t
23.11.133.34.bc.googleusercontent.com/ |
244 B 697 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
medicare
quotes.qualifymedicare.com/ Redirect Chain
|
76 KB 24 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
polyfill.min.js
polyfill.io/v3/ |
101 B 559 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
130 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v7/ |
40 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combined.js
quotes.qualifymedicare.com/js/ |
361 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
serve.js
insurance.mediaalpha.com/js/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.js
quotes.qualifymedicare.com/js/ |
1 MB 328 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
combined.css
quotes.qualifymedicare.com/css/ |
222 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
app.css
quotes.qualifymedicare.com/css/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
N1D3569C61887F.js
ns.qualifymedicare.com/js/ |
69 KB 22 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
sessions.bugsnag.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
sessions.bugsnag.com/ |
21 B 97 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
48 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
98 KB 26 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
229188358434172
connect.facebook.net/signals/config/ |
307 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 449 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
689801304971358
connect.facebook.net/signals/config/ |
307 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
706688969886441
connect.facebook.net/signals/config/ |
307 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.js
cdn.trustedform.com/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
e925ec5a-9b7e-3937-cd4b-4fd00deb5cc1.js
create.lidstatic.com/campaign/ |
123 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
sessions.bugsnag.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
/
sessions.bugsnag.com/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
27.js
quotes.qualifymedicare.com/js/chunks/ |
55 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
28.js
quotes.qualifymedicare.com/js/chunks/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
sessions.bugsnag.com/ |
21 B 82 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
sessions.bugsnag.com/ |
21 B 82 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
0.js
quotes.qualifymedicare.com/js/chunks/ |
15 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
25.js
quotes.qualifymedicare.com/js/chunks/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
16.js
quotes.qualifymedicare.com/js/chunks/ |
33 KB 10 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
17.js
quotes.qualifymedicare.com/js/chunks/ |
14 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
13.js
quotes.qualifymedicare.com/js/chunks/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
15.js
quotes.qualifymedicare.com/js/chunks/ |
775 B 726 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ringba
quotes.qualifymedicare.com/webform/session/tag/ |
43 B 972 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
oxEng3ak79I77anrTTaYWMotkIPfFVsXA9rdPc9U.webp
quotes.qualifymedicare.com/storage/ |
20 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone-icon-blue.png
quotes.qualifymedicare.com/img/ |
8 KB 9 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
phone-icon-w.svg
quotes.qualifymedicare.com/img/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v9/ |
8 KB 8 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
1708702472598035
connect.facebook.net/signals/config/ |
307 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
get-geolocation
quotes.qualifymedicare.com/ |
367 B 1 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ringba.com.js
js.callcdn.com/js_v3/min/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
727192434401219
connect.facebook.net/signals/config/ |
307 KB 88 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
gnbulk
display.ringba.com/v2/nis/ |
394 B 791 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
GenerateToken
create.leadid.com/2.11.7/ |
36 B 333 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
certs
api.trustedform.com/ Frame 7A0D |
475 B 686 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
D3569C61887F
nsapi.qualifymedicare.com/v1/C/RawData/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
trustedform-1.5.8.js
cdn.trustedform.com/ |
82 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
snapshot
api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/ Frame EB9F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
oxEng3ak79I77anrTTaYWMotkIPfFVsXA9rdPc9U.webp
quotes.qualifymedicare.com/storage/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
phone-icon-blue.png
quotes.qualifymedicare.com/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
phone-icon-w.svg
quotes.qualifymedicare.com/img/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
fingerprints
api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/ Frame EB9F |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame BE85 |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
SaveDom
create.leadid.com/2.11.7/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
InitFormData
create.leadid.com/2.11.7/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- nsapi.qualifymedicare.com
- URL
- https://nsapi.qualifymedicare.com/v1/C/RawData/D3569C61887F?v=85520077-1ceb-4866-9a98-c761a9292d5e&se=1175afc9-cb5c-4e45-8282-a9eb5376ca1d&d=eyJ2IjoiODU1MjAwNzctMWNlYi00ODY2LTlhOTgtYzc2MWE5MjkyZDVlIiwibSI6IjRkMzZlNjNlLWFmZjgtNDcyMi1iZDIzLTQwNGEyYWJkY2U5NiIsImNzaSI6IiIsInNlIjoiMTE3NWFmYzktY2I1Yy00ZTQ1LTgyODItYTllYjUzNzZjYTFkIiwibiI6MSwicCI6ImM3YjJkYjA4LWQwODMtNDk2Zi04NDliLTkxZmIwOGIxZTUxMCIsInUiOiJodHRwczovL3F1b3Rlcy5xdWFsaWZ5bWVkaWNhcmUuY29tL21lZGljYXJlP1NSQz1RVjEzNzMmU3ViX0lEPVFWMTM3MyZTdWJfSUQyPTQ1MDQmUHViX0lEPTEwMmQ2NDZhMzBhOWQ5ZDFiZDM1MjRhNmZhOTg3OSZvZmZlcl9pZD0yMCZhZmZpbGlhdGVfaWQ9MTM3MyZ0cmFuc2FjdGlvbl9pZD0xMDJkNjQ2YTMwYTlkOWQxYmQzNTI0YTZmYTk4Nzkmc2lkPXF2XzEzNzMiLCJwbiI6Ii9tZWRpY2FyZSIsInIiOiJodHRwOi8vMjMuMTEuMTMzLjM0LmJjLmdvb2dsZXVzZXJjb250ZW50LmNvbS8iLCJ0IjoiIiwiYyI6Imh0dHBzOi8vcXVvdGVzLnF1YWxpZnltZWRpY2FyZS5jb20vbWVkaWNhcmU%2FU1JDPVFWMTM3MyZTdWJfSUQ9UVYxMzczJlN1Yl9JRDI9NDUwNCZQdWJfSUQ9MTAyZDY0NmEzMGE5ZDlkMWJkMzUyNGE2ZmE5ODc5Jm9mZmVyX2lkPTIwJmFmZmlsaWF0ZV9pZD0xMzczJnRyYW5zYWN0aW9uX2lkPTEwMmQ2NDZhMzBhOWQ5ZDFiZDM1MjRhNmZhOTg3OSZzaWQ9cXZfMTM3MyIsInByIjoiNjE4ODdGIiwicyI6MSwidnMiOjEsImwiOiJQYWdlTG9hZCIsInMwMSI6IlFWMTM3MyJ9&callback=cb889162e1928f2
- Domain
- api.trustedform.com
- URL
- https://api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/snapshot
- Domain
- quotes.qualifymedicare.com
- URL
- https://quotes.qualifymedicare.com/storage/oxEng3ak79I77anrTTaYWMotkIPfFVsXA9rdPc9U.webp
- Domain
- quotes.qualifymedicare.com
- URL
- https://quotes.qualifymedicare.com/img/phone-icon-blue.png
- Domain
- quotes.qualifymedicare.com
- URL
- https://quotes.qualifymedicare.com/img/phone-icon-w.svg
- Domain
- api.trustedform.com
- URL
- https://api.trustedform.com/certs/81a4083a251405c5458eed84467cf7abbbc1146f/fingerprints
- Domain
- create.leadid.com
- URL
- https://create.leadid.com/2.11.7/SaveDom?msn=2&pid=cb3e88e4-f7e7-479d-874c-1f1a7121573e&token=A4A84C10-178C-E62C-EA30-B895CCCEBB3C&_=523220403
- Domain
- create.leadid.com
- URL
- https://create.leadid.com/2.11.7/InitFormData?msn=3&pid=cb3e88e4-f7e7-479d-874c-1f1a7121573e&token=A4A84C10-178C-E62C-EA30-B895CCCEBB3C&_=523220404
Verdicts & Comments Add Verdict or Comment
93 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler object| dataLayer object| FORM_SETTINGS string| __INITIAL_STATE__ object| __INITIAL_ANSWERS__ string| _NOW string| _IP string| _USER_AGENT string| _VISITOR_ID string| _SKIP_TO_STEP function| createImage object| Bugsnag object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| fbq function| _fbq object| gaplugins object| gaGlobal object| gaData function| _typeof2 function| _typeof boolean| windowIsDefined function| $ function| jQuery function| Popper object| bootstrap function| Inputmask function| moment function| Slider object| MediaAlphaExchange object| __maxch__thunk function| MediaAlphaExchange__fetchUserID function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__enableDirectLinks function| MediaAlphaExchange__disableDirectLinks function| MediaAlphaExchange__loadDirectLink function| MediaAlphaExchange__load undefined| targetID undefined| targetElt function| ringbaCallbackPhoneNumber function| ringbaCallbackPhoneNumberTYP function| loadMediaAlphaExchange function| clearExtraTextNumber function| phone_format function| addRingbaTag_ function| parseDebType function| addRingbaTag function| loadLiadmScript function| phone_format_ string| IS_BOT object| __TODAY string| full_version string| APP_URL string| APP_NAME string| PUBLIC_URL string| APP_PHONE_NUMBER string| APP_EMAIL string| APP_RINGBA_TAG string| RINGBA_HOME_NUMBER string| RINGBA_TYP_NUMBER object| _rgba_tags object| webpackJsonp function| setImmediate function| clearImmediate function| _ object| regeneratorRuntime function| axios function| getComponentNameAttribute function| canUseWebP function| Vue boolean| ad_block function| _MGX_LU function| _MGX_LG object| MGX object| __MGX__ object| MGX_API object| MGX_DATA object| trustedForm function| trustedFormStartRecording function| trustedFormStopRecording object| VueScrollTo object| _rgba object| ringba object| LeadiDconfig object| LeadiD15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
23.11.133.34.bc.googleusercontent.com/ | Name: PHPSESSID Value: cdiitc7ugnsa90198c45tpguv7 |
|
.dnuohxof.com/ | Name: sl Value: nkYKqMgJ6d8bVVm03m7xKtH8rpWOjEwEAz8rrjpbJZ983IZHn9PaFA== |
|
.dnuohxof.com/ | Name: tib Value: bxm+bGNKam7YvFZwqtWJWNH8rpWOjEwEAz8rrjpbJZ983IZHn9PaFA== |
|
.dnuohxof.com/ | Name: c6721 Value: nkYKqMgJ6d+1PEwXTLNYN6p0M0pRqAMk23twQCD+WkTa7zsnTMeLwA== |
|
qv.qvtrack.com/ | Name: enc_aff_session_20 Value: ENC0307d0bc01e6eb159fd04350653ea332de68ae690d47331d6881dbac0e0d689f69806b45cc467d5f671d44754c84896ab0349c1584de6c969f1c06fbe29386f243219c62b8bc5f95ec364d25a9b75861cca250aac4ab0257ac936e53dcc90e7c396bbe1165ca5ed39090b24eb9bd34beb4565fceaa564abbf8ab2494a2491ba4301db9461c074ac2a1cf6ca2be40672988c27dba5e407f1e91cb38f29992cad58108afbc5e |
|
qv.qvtrack.com/ | Name: ho_mob Value: eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9vc192ZXJzaW9uIjoiMCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJDaHJvbWUiLCJtb2JpbGVfZGV2aWNlX2JyYW5kIjoiR29vZ2xlIiwibW9iaWxlX2Jyb3dzZXIiOiJDaHJvbWUgRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiI5NS4wIiwibW9iaWxlX2NhcnJpZXIiOiI/IiwidXNlcl9hZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyBYNjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIExpa2UgR2Vja28pIENocm9tZS85NS4wLjQ2MzguNTQgU2FmYXJpLzUzNy4zNiIsImFjY2VwdF9sYW5ndWFnZSI6ImRlLURFLGRlO3E9MC45IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9 |
|
quotes.qualifymedicare.com/ | Name: get_query_params Value: %7B%22SRC%22%3A%22QV1373%22%2C%22Sub_ID%22%3A%22QV1373%22%2C%22Sub_ID2%22%3A%224504%22%2C%22Pub_ID%22%3A%22102d646a30a9d9d1bd3524a6fa9879%22%2C%22offer_id%22%3A%2220%22%2C%22affiliate_id%22%3A%221373%22%2C%22transaction_id%22%3A%22102d646a30a9d9d1bd3524a6fa9879%22%2C%22sid%22%3A%22qv_1373%22%7D |
|
.qualifymedicare.com/ | Name: _gcl_au Value: 1.1.409661381.1635797500 |
|
.qualifymedicare.com/ | Name: _ga Value: GA1.2.2043938651.1635797500 |
|
.qualifymedicare.com/ | Name: _gid Value: GA1.2.2019437379.1635797500 |
|
.qualifymedicare.com/ | Name: _dc_gtm_UA-164652376-1 Value: 1 |
|
quotes.qualifymedicare.com/ | Name: isReturn Value: false |
|
.qualifymedicare.com/ | Name: MGX_UC Value: JTdCJTIyTUdYX1AlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyODU1MjAwNzctMWNlYi00ODY2LTlhOTgtYzc2MWE5MjkyZDVlJTIyJTJDJTIyZSUyMiUzQTE2MzYzMjMxMDA4MTQlN0QlMkMlMjJNR1hfUFglMjIlM0ElN0IlMjJ2JTIyJTNBJTIyMTE3NWFmYzktY2I1Yy00ZTQ1LTgyODItYTllYjUzNzZjYTFkJTIyJTJDJTIycyUyMiUzQXRydWUlMkMlMjJlJTIyJTNBMTYzNTc5OTMwMDgxNSU3RCUyQyUyMk1HWF9DSUQlMjIlM0ElN0IlMjJ2JTIyJTNBJTIyZTMxZmEyNzktYjhhNC00ODJjLWEyZmYtNDY4MjU1ZjI0MGRmJTIyJTJDJTIyZSUyMiUzQTE2MzYzMjMxMDA4MTUlN0QlN0Q= |
|
quotes.qualifymedicare.com/ | Name: XSRF-TOKEN Value: eyJpdiI6ImcxeVJpUy9Mb25vSlJLUEhTSVdMdnc9PSIsInZhbHVlIjoieHdFUnVFNFE2Uk5OSkt5ZW5VTzNqYVBpT1FwZkRXNDNmSUVhRkdHWUt0eVZ5b2FNdnZtYlA1TkRnRG9xekJXa3RsOFVxQ0d6WWpnemlqWnhycjNZZ2NWZkFNdmVRR1JQMHBxYVlHSDR6TmJaUGZrZWtuNWZ5ZjRuK2dQRXE4MloiLCJtYWMiOiI1ODlmMjhhZDI4NmQyMWQ2MmQwZmRhOGY1YjkwMGYxMGYxODVhY2U1NzA3ZDk1NDIxNjkyZjkzMzM2YzIyYTQxIn0%3D |
|
quotes.qualifymedicare.com/ | Name: qualifymedicare_session Value: eyJpdiI6Ik93TDArQ0x5dEJycS9Vc1ZEdXZwNWc9PSIsInZhbHVlIjoiWVl5bEU2NzdUbXhDWTAvYUVIVEJUNzZrMjNLU3l2OGcwWUkrT3IybEdRNlZKclJZV3FpSFNWMHhKcHRwQ3FZTUo2VDBjQXoyYTg0aXB2UVV3c2hUVXFCU0tEYXFrcmYwc2FSS044ZG5yaWdpSE50WlpyaWhKTEw0ZEZNNmR1QW0iLCJtYWMiOiJkOWU1MDY5YzIxOTk0YmVlMjU2NjFjZjM2NzkwN2IxY2E0NzRlNThiNTUxMDVlMDJmMDAyNTU1ZmZkYTI1ZTk5In0%3D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
23.11.133.34.bc.googleusercontent.com
api.trustedform.com
cdn.trustedform.com
connect.facebook.net
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
display.ringba.com
dnuohxof.com
fonts.gstatic.com
insurance.mediaalpha.com
js.callcdn.com
ns.qualifymedicare.com
nsapi.qualifymedicare.com
polyfill.io
puysegura.com
quotes.qualifymedicare.com
qv.qvtrack.com
sessions.bugsnag.com
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
api.trustedform.com
create.leadid.com
nsapi.qualifymedicare.com
quotes.qualifymedicare.com
13.32.99.118
142.250.184.200
142.250.186.132
142.250.186.35
151.101.1.26
157.240.20.19
172.217.23.110
172.67.41.229
18.200.170.55
18.236.164.87
216.58.212.163
23.21.25.50
34.133.11.23
34.205.104.175
35.190.88.7
52.222.206.49
52.222.206.51
52.222.214.123
52.222.214.15
52.55.155.63
54.183.225.97
54.243.42.155
64.233.167.155
67.205.157.224
042a82f58baa7a201449dc7d695f0e109ea8deb6b6463e9030e0ac1f4deef11e
068bc6a38e6e2966c58145df6cec98e22dc11e9bded86691ac0ac487680ea58c
07d2b7c2df967b7820b8ce99be3f7db1a1db5a82797826cd9a06e6489e89f71a
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
0d36db8bd8d057f956f967f8dfda23793e4ad714a5907fc6d09764a41710a892
197cc8b85fc8f9d77f3cb3d8b645daf472890819172b5ca149798445c57e7353
1b35261b95ec779b25d6a27b1b2c1c2d6f1c08f329ffd643478ad63d7ddcdea0
1de9ce2402d64485801d5be6d4cc07c916c0c83ecc981a494519501e0126c09f
2325fcd937bca9732281e9f4f8960d8fb5aed726265ceb609a77f50cd7039148
2435d019c8ca3eaa52c14f444aec3d2ddcf2a86f5857e2ea0ad84fe4e699b701
2be01413e6757062edd5875cd4c62c9b0f90f24b7dd8314fe4d2c85f61ed0775
38393eac4ad281d91bf12a7033abad71ee9361e7c435a61946d843ff8611a6eb
40a75708871790c836718a9b48adcd37fe53c23bf7d54b07f7bc5559212f43b0
435ecaa76a4081cb3b0a7047b4eb932ee4a0e1cb75ce5b5679d184baea4f8d3c
46126077098b02a99d5a377b7b9338a85ca972c7b5bf9b3e01423ceae916c33c
56a522e79770e488da6015ed10f8c2bdafbcd87a7c6d443f7a293579bd0ef58d
5e07f937be00bbef113152fa46b2b2d5df97f405b152881c96e1c5069d8f405d
614aff1363969b4af5d989a61506e4c73cb0c91dd43d7c058ce226f3904a6228
6301ae4b1479113f370dbf6ada5656468a565ea27a290d42d8ffebd5999b2fcf
63ca3e74236e892b7848373d84691503ab1ce70261cc4ff21db83878acba7be4
699f949d43ae203fd25376a3119bf7c2745ce18ba9145d018b04087be5da8015
6f8fad21e46eeb5db13045d519f47e3f7c3e7ae68d63f0b638903e72b4628635
70ec85903090465504df28562a0605f6cd13c2e78dbbe0e63309eb4c383a5cfd
7a53e5c81102f4f73559daf80643c34ce7f885bb57d16ba7b1a2a411a7523b57
7ee98cf776cddef70f6600e7a109c34a78cb998d856dbcecdfdf281e5fbb0150
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9cbf746bf2784917156a62ac12a63cf5d39a16d5518422cf43cbb401d4f81140
9d87d7378a961432e4db40c72a964062058a418d33aa724a20319fc5525e47f3
9f74593149adc21c135cc88bba9dfb21d71504ae0f2f558e0f2fe227ff98b380
ac83ec2a44e576df28a2646d24287bfa37ce8b0c56186d30a35102dc3cf4d3f4
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
c7390dbeaf71fccd7ea15ba5e14df791bf4e9a13136e55729f08533db2f53a55
c75d0e774b08058ae8ed0e5e9a4d6107d7fddba261d93b7a74fca85aeed3081b
c93f609750657561e2b08f8ff8f56c2829d147679c99db6deea417326f08e934
d09d0e88cc340fe5bab0f79aa33ae78dba44466e57f11a37d4780d5a66e9461d
dc9b78120e4e34fcd5703df9b1d574aacc0c68dd40d63d8563df84a9ce024e6a
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
de8bc6c32725e2188055ec6d1abf2eebf5f7d5b0d15b71b73e402e6e480a7808
df1de70fbdd6413faab33f083c1d3fc35a2562b822c54ebc5269b9f148c432e1
df4872c795067ac25c3135f01096a942ff65ab4cac2e5c0598d004a934b7163d
e0670644f011bf72fb4c4a6c70a4dca03fd8761e209a302571013efb996333e1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7c10a03b3a17118267824a70f9902898e8e1a734b64bfa3674a1ef0b15ac131
fab32ccef85408b763c899ad7c0b910c96c76dc9ed7158ce304fdcd3c0bf8388
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62