life.insuredsaving.com Open in urlscan Pro
188.114.96.3  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

26 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H3	200	Primary Request / Show response life.insuredsaving.com/	344 KB 66 KB	635ms 598ms	Document text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://life.insuredsaving.com/ Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7ccaccbba352c56b525eac3b5c9a5941a949de01d5bff8dac4e2b1181246d961 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers access-control-allow-origin * alt-svc h3=":443"; ma=86400 cache-control no-cache, must-revalidate, max-age=0 cf-cache-status DYNAMIC cf-ray 8a9261f38d086650-AMS content-encoding br content-type text/html date Fri, 26 Jul 2024 06:37:42 GMT last-modified Mon, 19 Jul 2021 15:16:13 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B4pziR8j8%2B1PXMyjXzTuqo6QvyrfQmBPB0C%2B2ikjeqVVlf%2FGIdLtnhvtNIWiFV%2FA11VhYXLISmZGqp2rMKlue1cOW7O07ovEx0S36yaQmAWdco2GJWGIhhzAlxg%2Fm0NBqvphlB05X7TS"}],"group":"cf-nel","max_age":604800} server cloudflare x-amz-version-id D_x9Nha6CCPtxWXHOfNu17L35FgAgHJk x-cache MISS x-cache-status REVALIDATED x-edge-location nlam
GET H2	200	presenter.4717d24.css impressure-c630.kxcdn.com/	19 KB 5 KB	542ms 391ms	Stylesheet text/css	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/presenter.4717d24.css Requested by Host: life.insuredsaving.com URL: https://life.insuredsaving.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744 Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:43 GMT content-encoding br x-amz-request-id 27M448EVKTGJEVC9 x-edge-location defr x-cache MISS content-length 4928 x-amz-id-2 dAVvAjogFoQ4jvuNYoHuLylud66dyrYdDGVwipDQwYksWlYgasAg+mPOnVmXXtpM89TSjfyaSUhtcne6khguxw== last-modified Wed, 09 Oct 2019 17:37:18 GMT server keycdn etag "e39087b2545506688b40e35efb46751b" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Fri, 02 Aug 2024 06:37:43 GMT
GET H2	200	presenter.473070e.js Show response impressure-c630.kxcdn.com/	394 KB 105 KB	795ms 644ms	Script application/javascript	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/presenter.473070e.js Requested by Host: life.insuredsaving.com URL: https://life.insuredsaving.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash 61d209a38eb261fd73db6b21314a9fbe683582e8b2014568ab90e99338e722da Request headers Referer https://life.insuredsaving.com/ Origin https://life.insuredsaving.com User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:43 GMT content-encoding br x-amz-request-id 27M9YXFDATSBW4X2 x-edge-location defr x-cache MISS content-length 106778 x-amz-id-2 9PoaIazudJQydx7mAq+V06Cvi1yQnxhkzaQOzW0EdzZKCbu2RB4ltxTy+PXWDyCnflGj/TvR4bzO/5y6vmSwmA== last-modified Mon, 28 Sep 2020 04:36:37 GMT server keycdn etag "399bc418707e540a42b4a31c42fa707b" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Fri, 02 Aug 2024 06:37:43 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	154ms 16ms	Script text/javascript	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: life.insuredsaving.com URL: https://life.insuredsaving.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Fri, 26 Jul 2024 06:35:01 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 162 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Fri, 26 Jul 2024 08:35:01 GMT
GET H2	200	info Show response events.impressure.io/	1010 B 1005 B	703ms 167ms	XHR application/json	52.36.223.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/info?v=2&nonce=12332034877985296&userId= Requested by Host: life.insuredsaving.com URL: https://life.insuredsaving.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.36.223.7 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-36-223-7.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 373b2f44a1e2c9466c4fe7a10d18e5761a0c5ffeca2fd62614943cf14e9ccbc2 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:43 GMT content-encoding gzip x-content-type-options nosniff server nginx x-powered-by Express etag W/"3f2-TVdVobgKwv4kjxb+f6pmOP2x2Yw" vary Accept-Encoding, Origin p3p CP="Impressure does not have a P3P policy." access-control-allow-origin https://life.insuredsaving.com content-type application/json; charset=utf-8 access-control-allow-credentials true
GET DATA	200 OK	truncated /	24 KB 0		Image image/gif
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc Request headers Referer User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Content-Type image/gif
GET H2	200	jquery-3.3.1.min.js Show response code.jquery.com/	85 KB 30 KB	62ms 18ms	Script application/javascript	2a04:4e42::649 FASTLY
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/jquery-3.3.1.min.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42::649 , United States, ASN54113 (FASTLY, US), Reverse DNS Software nginx / Resource Hash 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:44 GMT content-encoding gzip via 1.1 varnish, 1.1 varnish age 1284006 x-cache HIT, HIT content-length 30288 x-served-by cache-lga13622-LGA, cache-bru1480034-BRU last-modified Fri, 18 Oct 1991 12:00:00 GMT server nginx x-timer S1721975864.181961,VS0,VE0 etag W/"28feccc0-1538f" vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=604800 accept-ranges bytes x-cache-hits 51, 168
GET H2	200	loading.d78985d5a90c42d31aaaf9203cddb569.gif impressure-c630.kxcdn.com/	2 KB 2 KB	423ms 423ms	Image image/gif	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Show image Full URL https://impressure-c630.kxcdn.com/loading.d78985d5a90c42d31aaaf9203cddb569.gif Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.4717d24.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash 7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09 Request headers Referer https://impressure-c630.kxcdn.com/presenter.4717d24.css User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:44 GMT content-encoding gzip last-modified Tue, 21 Aug 2018 14:21:48 GMT server keycdn x-amz-request-id JCKZGZJZ4FWBAM5N x-edge-location defr etag W/"d78985d5a90c42d31aaaf9203cddb569" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/plain access-control-allow-origin * x-cache MISS cache-control max-age=604800 x-amz-id-2 zmnuTlM3DnhsKjJfLinaH5pVjtlq5G7R+G3rXtok0C4IDuYg13X5ATgAXCJDoTpSyWNDXOy97HXlQuN/NuPR4Q== expires Fri, 02 Aug 2024 06:37:44 GMT
GET H/1.1	200 OK	showListing.js Show response dashboard.clickstoconvert.com/js/publisher/	6 KB 3 KB	547ms 163ms	Script application/javascript	52.24.226.54 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://dashboard.clickstoconvert.com/js/publisher/showListing.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 52.24.226.54 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-24-226-54.us-west-2.compute.amazonaws.com Software Apache/2.4.29 (Ubuntu) / Resource Hash 8d71409e2d0e8a0bb7a2e1bd41318efb59c5edf7b13f509211d73c146f24f794 Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Date Fri, 26 Jul 2024 06:37:44 GMT Content-Encoding gzip Last-Modified Tue, 03 Aug 2021 09:02:54 GMT Server Apache/2.4.29 (Ubuntu) ETag "1930-5c8a3f3867514-gzip" Vary Accept-Encoding Content-Type application/javascript Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 2509
GET H2	200	chunk.7.6caa6e6.css impressure-c630.kxcdn.com/	1 KB 954 B	400ms 400ms	Stylesheet text/css	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.7.6caa6e6.css Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash 340d633e2738fe02c289dc44662122655656ba9d48c268a61f9c761f6a8252ba Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:45 GMT content-encoding br x-amz-request-id 0KBC98KY4A8PZMA0 x-edge-location defr x-cache MISS content-length 538 x-amz-id-2 e82Kf4KpvAUFes9gIcp8rx/K/XYlwNvrdRP8t4+gcDnj8gFg0Sih9f4wX7ymbYRARx57RLIKU9o= last-modified Wed, 09 Oct 2019 17:37:11 GMT server keycdn etag "e73681ade786069d4cb8563abe3a911e" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Fri, 02 Aug 2024 06:37:45 GMT
GET H2	200	chunk.7.6b4aa76.js Show response impressure-c630.kxcdn.com/	11 KB 4 KB	456ms 456ms	Script application/javascript	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.7.6b4aa76.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash bb567a6877cd9fbf0c08d55c7d64b5ebbf21a8de27fc9292e445708cf81f8cbe Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:45 GMT content-encoding br x-amz-request-id 0KB23HESPG6KNVJS x-edge-location defr x-cache MISS content-length 3359 x-amz-id-2 Bqa4AJoU5Jd0F/+hrczbeHi+ar23QXMzIVRQrh3mtb3fzIt9LQBeL4psB/wnQa3Otw0UWy/DGYo= last-modified Sat, 19 Sep 2020 17:57:48 GMT server keycdn etag "4a8e2010be8daac0eb417e28d5590e05" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Fri, 02 Aug 2024 06:37:45 GMT
GET H2	200	chunk.4.14607f3.css impressure-c630.kxcdn.com/	2 KB 1 KB	447ms 447ms	Stylesheet text/css	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.4.14607f3.css Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash af4184fcac0beab4133f96dad725c066cddedb9db58107af8928c9486d140d2b Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:45 GMT content-encoding br x-amz-request-id 0KB23CDT3VARNCNC x-edge-location defr x-cache MISS content-length 794 x-amz-id-2 zfo9Gt3BRcDmASQxMsAvrcug2+TBK9ZB0zCNAA2O6L6GXp5m3Joft9LaaevyoIJiVbbWU5c+dNU= last-modified Wed, 09 Oct 2019 17:37:10 GMT server keycdn etag "92cf1ed8bfc5123b1b1c5ae4a995d8d6" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type text/css access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Fri, 02 Aug 2024 06:37:45 GMT
GET H2	200	chunk.4.7eecc8f.js Show response impressure-c630.kxcdn.com/	56 KB 18 KB	402ms 402ms	Script application/javascript	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.4.7eecc8f.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash e482a06fd3cc015f2a9fbb2a1af521d39d1bdda7bc560557d86a82f98c05f8ca Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:45 GMT content-encoding gzip last-modified Wed, 06 Apr 2022 22:23:44 GMT server keycdn x-amz-request-id 0KB9XZFF1N0XAW22 x-edge-location defr etag W/"68f02e7cf4450835bcc3bef3fad4cc32" vary Accept-Encoding, Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * x-cache MISS cache-control max-age=604800 x-amz-id-2 c32bs66B5Hqyf3ezuBrJZx47fiwgHcwsdffzLQ1i2Rh6p/HtvUUW4doIE5PcPxSaypGMClJpoXU= expires Fri, 02 Aug 2024 06:37:45 GMT
GET		ae61cf6c-1f65-40e5-8e25-135418325250.png djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/	0 0
GET H2	200	80c94b17-2cdd-4971-88a6-133f1deb650a.png djk97zng6lbya.cloudfront.net/2019/02/08/21/35/28/	15 KB 15 KB	715ms 648ms	Image image/png	13.32.23.73 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://djk97zng6lbya.cloudfront.net/2019/02/08/21/35/28/80c94b17-2cdd-4971-88a6-133f1deb650a.png Requested by Host: life.insuredsaving.com URL: https://life.insuredsaving.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 13.32.23.73 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-23-73.fra56.r.cloudfront.net Software AmazonS3 / Resource Hash c8c076ddbb55285965b5233a91009ad7f53ca98e50811f1a0dc3d2e1aa43027a Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:46 GMT via 1.1 d8670b0c6b76371fb58f730881dfe504.cloudfront.net (CloudFront) last-modified Fri, 08 Feb 2019 21:35:29 GMT server AmazonS3 x-amz-cf-pop FRA56-C2 etag "c969983cba4e3b3401605c39ec0ddd2b" x-cache Miss from cloudfront content-type image/png cache-control max-age=31536000 x-amz-meta-json accept-ranges bytes content-length 15083 x-amz-cf-id IObe4rm7iuQjEVQkFW6RDQr1AYG4i122XCLRV6L7pbYci_Er7UvK9Q==
POST H2	200	collect Show response www.google-analytics.com/j/	15 B 227 B	21ms 20ms	XHR text/plain	2001:4860:4802:34::178 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=920107771&t=pageview&_s=1&dl=https%3A%2F%2Flife.insuredsaving.com%2F&dp=%2F&ul=nl-nl&de=UTF-8&dt=Q-%20Life%20Insurance&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAACACI~&jid=987513636&gjid=20970295&cid=2130506530.1721975863&tid=UA-135266453-1&_gid=901257754.1721975863&_r=1&_slc=1&z=1043988889 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 23dd1c839dd62db367dccd17571bbf171c1ca71a9c160a3f24353f8cb29524f6 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 26 Jul 2024 06:37:44 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://life.insuredsaving.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	events Show response events.impressure.io/	72 B 366 B	203ms 202ms	Fetch application/json	52.36.223.7 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://events.impressure.io/events Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.36.223.7 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-36-223-7.us-west-2.compute.amazonaws.com Software nginx / Express Resource Hash 4136ba4433b78c8487fce40b488c3d4a62c27ee970575425361398e83e023706 Security Headers Name Value X-Content-Type-Options nosniff Request headers accept application/json Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 content-type text/plain Response headers date Fri, 26 Jul 2024 06:37:44 GMT x-content-type-options nosniff server nginx x-powered-by Express etag W/"48-RFMeVx+Jwh3XzBPnTSSWX/WHVpM" vary Origin content-type application/json; charset=utf-8 access-control-allow-origin https://life.insuredsaving.com p3p CP="Impressure does not have a P3P policy." access-control-allow-credentials true content-length 72
GET H2	200	js Show response www.googletagmanager.com/gtag/	260 KB 92 KB	94ms 41ms	Script application/javascript	2a00:1450:4001:813::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-EH7L9W18XC&cx=c&_slc=1 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash bdf06d46e4dbbd809ecda6e02221d87ac1e2c7636d6b8a1b8a5fc7a7b7b97df6 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:44 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 93710 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Fri, 26 Jul 2024 06:37:44 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 0	59ms 19ms	Fetch text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-EH7L9W18XC&gtm=45je47o0h1v9127556796za200&_p=1721975864802&gcd=13l3l3l2l2&npa=0&dma_cps=syphamo&dma=1&tag_exp=95250752&ul=nl-nl&sr=1600x1200&cid=2130506530.1721975863&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Flife.insuredsaving.com%2F&dp=%2F&dt=Q-%20Life%20Insurance&sid=1721975864&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=2686 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-EH7L9W18XC&cx=c&_slc=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers pragma no-cache date Fri, 26 Jul 2024 06:37:45 GMT server Golfe2 content-type text/plain access-control-allow-origin https://life.insuredsaving.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	chunk.13.5f3a945.js Show response impressure-c630.kxcdn.com/	17 KB 5 KB	406ms 406ms	Script application/javascript	2a0b:4d07:102::1 PROINITY PROINITY
General Check archive.org Show headers Download Go to Full URL https://impressure-c630.kxcdn.com/chunk.13.5f3a945.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a0b:4d07:102::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH), Reverse DNS Software keycdn / Resource Hash ecb5f9a97229a42a05d070bf1fb26ccf785e89c4dd8aeda12f820923cdeffc42 Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:45 GMT content-encoding br x-amz-request-id 0KBB58ZNDTAZECGX x-edge-location defr x-cache MISS content-length 5062 x-amz-id-2 4/bOrYki4N5dja9PkijMNF6FIYJUdkSOr1KWJJ3hALa1ZFrIqOjLg36XcHixTPpT0REooVWFszM= last-modified Wed, 09 Oct 2019 17:37:16 GMT server keycdn etag "99d0c075b044b783e3f3e92fdf9ab9cc" vary Accept-Encoding access-control-allow-methods GET,OPTIONS content-type application/javascript access-control-allow-origin * cache-control max-age=604800 accept-ranges bytes expires Fri, 02 Aug 2024 06:37:45 GMT
GET H2	200	47b3ebf1-f568-05ac-6674-6ba34499f7ed.js Show response create.lidstatic.com/campaign/	121 KB 39 KB	612ms 563ms	Script text/javascript	2606:4700:10::ac43:29e5 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Requested by Host: life.insuredsaving.com URL: https://life.insuredsaving.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:10::ac43:29e5 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2f93a3235c9d369a65104ea4e9185c5ee29b9b5f7a79e8ba0dc744bc384fb08 Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:46 GMT x-amz-version-id mhdIKpT.vn7AstcOeNBuJ25uOxPUnPBS content-encoding br cf-cache-status MISS x-amz-request-id 0KB6Q6G1ZTK0R180 x-amz-server-side-encryption AES256 x-amz-replication-status COMPLETED x-amz-id-2 5pr+HfmgM6csitxxF6YkKVRkeDpK/ijBh1QAgaVd59zhzpSNuV5BARoLrXLuEfbkUxyZS19DWSI= last-modified Mon, 15 Jul 2024 16:24:53 GMT server cloudflare etag W/"8b8a7cfdac77ab540cb660e038fdaf94" vary Accept-Encoding content-type text/javascript access-control-allow-origin * cache-control max-age=1800 cf-ray 8a9262089e989fb4-AMS
POST H2	200	GenerateToken Show response create.leadid.com/2.15.0/	36 B 662 B	405ms 169ms	XHR text/plain	54.157.242.5 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.15.0/GenerateToken?msn=1&pid=2472fce7-09d9-4b8b-b69e-0f178e87af5b&_=909381312 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.157.242.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-157-242-5.compute-1.amazonaws.com Software nginx / Resource Hash ee55ed911b39a4df7eaf12b89aab41b857866fb57f0fc48f602a6d454e5ca7a7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 26 Jul 2024 06:37:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
GET H3	200	3d302d91-ee59-462f-9989-f69787ecfe50.js Show response life.insuredsaving.com/chunk/133173/	10 KB 4 KB	403ms 402ms	Script text/html	188.114.96.3 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://life.insuredsaving.com/chunk/133173/3d302d91-ee59-462f-9989-f69787ecfe50.js Requested by Host: impressure-c630.kxcdn.com URL: https://impressure-c630.kxcdn.com/presenter.473070e.js Protocol H3 Security QUIC, , AES_128_GCM Server 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 577aeb0312bf70b951b846321d3c7f160b58d7b8c9b7a6c51abb0dd7ebcfe229 Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers date Fri, 26 Jul 2024 06:37:46 GMT x-amz-version-id QolCV9MlBTlQ0TLfFPTaO40CC2eKPRKV content-encoding br cf-cache-status MISS nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} x-edge-location nlam x-cache-status REVALIDATED x-cache MISS alt-svc h3=":443"; ma=86400 last-modified Mon, 19 Jul 2021 15:16:10 GMT server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XO6%2BXOrblylpgPARxfz4%2BBcRWUQZXQ04rD1nQCdTg7I7lXU9TKJ5GNSh470pH1RSbT5jTipTXVdkjbZ8OQ%2F4BQHyvMKfU7kmsfyOLmduWhkge9yvEjTErB7GHcUQ7EuzBq3CZVyk%2F6sA"}],"group":"cf-nel","max_age":604800} content-type text/html access-control-allow-origin * cache-control max-age=14400, must-revalidate cf-ray 8a92620c4c096650-AMS
GET H/1.1	200 OK	iframe.html d2m2wsoho8qq12.cloudfront.net/ Frame 37AD	0 0	94ms 25ms	Document text/html	13.32.23.195 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=19297F8C-4EB3-0E87-3DFA-92D76C6CFDF2&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.15.0&lck=47B3EBF1-F568-05AC-6674-6BA34499F7ED&lac=532AA58C-3478-CE87-E6BF-9CE3DCA7C530 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 13.32.23.195 , United States, ASN16509 (AMAZON-02, US), Reverse DNS server-13-32-23-195.fra56.r.cloudfront.net Software nginx / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://life.insuredsaving.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Response headers Access-Control-Allow-Headers * Access-Control-Allow-Origin * Age 82224 Connection keep-alive Content-Encoding gzip Content-Type text/html Date Thu, 25 Jul 2024 07:47:22 GMT Etag W/"668f4bcd-dbb" Last-Modified Thu, 11 Jul 2024 03:04:45 GMT Server nginx Strict-Transport-Security max-age=31536000; includeSubDomains; preload Transfer-Encoding chunked Via 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront) X-Amz-Cf-Id SVXdA_pOxRiBAdJAGYji_8Ceu1MlmImPu1bpk96iqL-uuRgtjTGdJQ== X-Amz-Cf-Pop FRA56-C2 X-Cache Hit from cloudfront
POST H2	200	SaveDom Show response create.leadid.com/2.15.0/	0 626 B	106ms 103ms	XHR text/plain	54.157.242.5 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.15.0/SaveDom?msn=2&pid=2472fce7-09d9-4b8b-b69e-0f178e87af5b&token=19297F8C-4EB3-0E87-3DFA-92D76C6CFDF2&_=909381313 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.157.242.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-157-242-5.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 26 Jul 2024 06:37:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	InitFormData Show response create.leadid.com/2.15.0/	0 626 B	105ms 104ms	XHR text/plain	54.157.242.5 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.15.0/InitFormData?msn=3&pid=2472fce7-09d9-4b8b-b69e-0f178e87af5b&token=19297F8C-4EB3-0E87-3DFA-92D76C6CFDF2&_=909381314 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.157.242.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-157-242-5.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 26 Jul 2024 06:37:46 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT
POST H2	200	Snap Show response create.leadid.com/2.15.0/	0 626 B	408ms 202ms	XHR text/plain	54.157.242.5 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://create.leadid.com/2.15.0/Snap?msn=4&pid=2472fce7-09d9-4b8b-b69e-0f178e87af5b&token=19297F8C-4EB3-0E87-3DFA-92D76C6CFDF2&_=909381315 Requested by Host: create.lidstatic.com URL: https://create.lidstatic.com/campaign/47b3ebf1-f568-05ac-6674-6ba34499f7ed.js?snippet_version=2 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 54.157.242.5 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-54-157-242-5.compute-1.amazonaws.com Software nginx / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload Request headers Referer https://life.insuredsaving.com/ User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36 Content-type application/x-www-form-urlencoded Response headers date Fri, 26 Jul 2024 06:37:47 GMT strict-transport-security max-age=31536000; includeSubDomains; preload content-encoding gzip server nginx access-control-max-age 1728000 content-type text/plain;charset=UTF-8 access-control-allow-origin * cache-control no-cache, must-revalidate access-control-allow-headers X-Requested-With, Content-Type expires Sat, 26 Jul 1997 05:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

djk97zng6lbya.cloudfront.net

URL

https://djk97zng6lbya.cloudfront.net/2019/01/04/22/22/51/ae61cf6c-1f65-40e5-8e25-135418325250.png

33 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 string| __info object| Impressure function| ga function| loadCSS object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| webpackJsonp object| core object| __core-js_shared__ function| Mousetrap object| utilities object| aramis function| $ function| jQuery string| baseUrl function| ClicksToConvertAd function| getVisitorInfo function| ClicksToConvert_Click function| replaceUrlParam function| getUrlVars function| getImpression function| loadrrads function| makeid function| getUrlVars1 function| getAllUrlParams object| dataLayer object| google_tag_manager object| LeadiD string| id object| defaultStyleFrame

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.insuredsaving.com/	1970-01-21 07:55:35	Name: _ga Value: GA1.2.2130506530.1721975863
			.insuredsaving.com/	1970-01-20 22:21:02	Name: _gid Value: GA1.2.901257754.1721975863
			.insuredsaving.com/	1970-01-21 07:55:35	Name: _user_time Value: 1721975864104|1721975864104
			.insuredsaving.com/	1970-01-21 07:55:35	Name: _user_id Value: 8f373de5-56c7-4601-ab22-d6443dc13e9c-obgcPjoTpHcy7WcgHO1SeHdy8blw552xAJq1ujk4U
			life.insuredsaving.com/	1970-01-21 07:55:35	Name: _user_random Value: 0.5406005244003145
			.insuredsaving.com/	1970-01-20 22:19:35	Name: _gat Value: 1
			.insuredsaving.com/	1970-01-21 07:55:35	Name: _ga_EH7L9W18XC Value: GS1.2.1721975864.1.0.1721975864.0.0.0
			life.insuredsaving.com/	1969-12-31 23:59:59	Name: leadid_token-532AA58C-3478-CE87-E6BF-9CE3DCA7C530-47B3EBF1-F568-05AC-6674-6BA34499F7ED Value: 19297F8C-4EB3-0E87-3DFA-92D76C6CFDF2
			.trueleadid.com/	1969-12-31 23:59:59	Name: nlbi_3051494 Value: 1uUdC+53ZhrEs3EDC30iGwAAAABbiTbY7ZgcjR6au08I8v5N
			.trueleadid.com/	1970-01-21 07:04:44	Name: visid_incap_3051494 Value: umLXP+j9QzmXeJXEWrGcCzpEo2YAAAAAQUIPAAAAAACwi63Iumq3ipRE1Nolam6D
			.trueleadid.com/	1969-12-31 23:59:59	Name: incap_ses_1689_3051494 Value: sfjdWsVZF1T+FVPjkYhwFzpEo2YAAAAA5d49BkAbG4pnV1ilmhoXqQ==
			.deviceid.trueleadid.com/	1970-01-21 07:55:35	Name: uuid Value: c28341977b044b36bce85d6569bd3b1f

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

code.jquery.com
create.leadid.com
create.lidstatic.com
d2m2wsoho8qq12.cloudfront.net
dashboard.clickstoconvert.com
djk97zng6lbya.cloudfront.net
events.impressure.io
impressure-c630.kxcdn.com
life.insuredsaving.com
region1.google-analytics.com
www.google-analytics.com
www.googletagmanager.com
djk97zng6lbya.cloudfront.net
13.32.23.195
13.32.23.73
188.114.96.3
2001:4860:4802:34::178
2001:4860:4802:34::36
2606:4700:10::ac43:29e5
2a00:1450:4001:813::2008
2a04:4e42::649
2a0b:4d07:102::1
52.24.226.54
52.36.223.7
54.157.242.5
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
23dd1c839dd62db367dccd17571bbf171c1ca71a9c160a3f24353f8cb29524f6
340d633e2738fe02c289dc44662122655656ba9d48c268a61f9c761f6a8252ba
373b2f44a1e2c9466c4fe7a10d18e5761a0c5ffeca2fd62614943cf14e9ccbc2
4136ba4433b78c8487fce40b488c3d4a62c27ee970575425361398e83e023706
577aeb0312bf70b951b846321d3c7f160b58d7b8c9b7a6c51abb0dd7ebcfe229
61d209a38eb261fd73db6b21314a9fbe683582e8b2014568ab90e99338e722da
7b3572d713ffa9ca614384c802e8a73bf4a4420a754d20dcf60adc728f5ebd09
7ccaccbba352c56b525eac3b5c9a5941a949de01d5bff8dac4e2b1181246d961
866a16ed24f1fa83115a250c8ef38f561e0850e499604cb8210d813de56708dc
8d71409e2d0e8a0bb7a2e1bd41318efb59c5edf7b13f509211d73c146f24f794
af4184fcac0beab4133f96dad725c066cddedb9db58107af8928c9486d140d2b
b2f93a3235c9d369a65104ea4e9185c5ee29b9b5f7a79e8ba0dc744bc384fb08
baacbac8ea102fe556f4d7d75f0ed28614f1c6712ef7c124df6ad7cfbc4cf744
bb567a6877cd9fbf0c08d55c7d64b5ebbf21a8de27fc9292e445708cf81f8cbe
bdf06d46e4dbbd809ecda6e02221d87ac1e2c7636d6b8a1b8a5fc7a7b7b97df6
c8c076ddbb55285965b5233a91009ad7f53ca98e50811f1a0dc3d2e1aa43027a
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e482a06fd3cc015f2a9fbb2a1af521d39d1bdda7bc560557d86a82f98c05f8ca
ecb5f9a97229a42a05d070bf1fb26ccf785e89c4dd8aeda12f820923cdeffc42
ee55ed911b39a4df7eaf12b89aab41b857866fb57f0fc48f602a6d454e5ca7a7