quotes.ecoverage.com
Open in
urlscan Pro
2606:4700:10::6816:897
Malicious Activity!
Public Scan
Effective URL: https://quotes.ecoverage.com/love-most/?src=88-4592-228&kw=2_585066_2545108-&afid=88&subid=4592&trans_id=102e047196991ad857e1...
Submission: On May 15 via api from BE — Scanned from DE
Summary
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 18th 2021. Valid for: a year.
This is the only time quotes.ecoverage.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Community Verdicts: Malicious — 4 votes Show Verdicts
Domain & IP information
ASN15169 (GOOGLE, US)
storage.googleapis.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-85-204.eu-west-1.compute.amazonaws.com
track.wpamz.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-180-70.eu-west-1.compute.amazonaws.com
go.ecvtrk.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-194-160.compute-1.amazonaws.com
insurance.mediaalpha.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
PTR: 137.102.96.34.bc.googleusercontent.com
dev.visualwebsiteoptimizer.com |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
www.googleadservices.com |
ASN16625 (AKAMAI-AS, US)
PTR: a104-111-234-67.deploy.static.akamaitechnologies.com
munchkin.marketo.net |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-58-151.fra56.r.cloudfront.net
d22xmn10vbouk4.cloudfront.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-64-232.eu-west-1.compute.amazonaws.com
d.adroll.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-203-184.compute-1.amazonaws.com
create.leadid.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-66-9-39.txl50.r.cloudfront.net
d2m2wsoho8qq12.cloudfront.net |
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-202-26-67.compute-1.amazonaws.com
deviceid.trueleadid.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-237-215-68.compute-1.amazonaws.com
collect.analyze.ly |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
ecoverage.com
quotes.ecoverage.com |
452 KB |
8 |
visualwebsiteoptimizer.com
dev.visualwebsiteoptimizer.com — Cisco Umbrella Rank: 5275 |
92 KB |
7 |
adroll.com
2 redirects
s.adroll.com — Cisco Umbrella Rank: 2620 d.adroll.com — Cisco Umbrella Rank: 1559 |
20 KB |
6 |
analyze.ly
collect.analyze.ly — Cisco Umbrella Rank: 33910 |
960 B |
5 |
leadid.com
create.leadid.com — Cisco Umbrella Rank: 13610 |
3 KB |
5 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 37 |
20 KB |
4 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 92 googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 |
2 KB |
2 |
google.de
www.google.de — Cisco Umbrella Rank: 5483 |
565 B |
2 |
google.com
www.google.com — Cisco Umbrella Rank: 7 |
565 B |
2 |
cloudfront.net
d22xmn10vbouk4.cloudfront.net d2m2wsoho8qq12.cloudfront.net |
23 KB |
2 |
marketo.net
munchkin.marketo.net — Cisco Umbrella Rank: 3700 |
6 KB |
2 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 71 |
138 KB |
1 |
trueleadid.com
deviceid.trueleadid.com — Cisco Umbrella Rank: 2650 |
2 KB |
1 |
googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 110 |
15 KB |
1 |
lidstatic.com
create.lidstatic.com — Cisco Umbrella Rank: 24087 |
39 KB |
1 |
bootstrapcdn.com
stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2363 |
25 KB |
1 |
cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 237 |
2 KB |
1 |
mediaalpha.com
insurance.mediaalpha.com — Cisco Umbrella Rank: 65579 |
5 KB |
1 |
ecvtrk.com
1 redirects
go.ecvtrk.com |
2 KB |
1 |
wpamz.com
1 redirects
track.wpamz.com |
2 KB |
1 |
goalonly.com
1 redirects
goalonly.com — Cisco Umbrella Rank: 636998 |
311 B |
1 |
googleapis.com
storage.googleapis.com — Cisco Umbrella Rank: 498 |
679 B |
72 | 22 |
Domain | Requested by | |
---|---|---|
22 | quotes.ecoverage.com |
storage.googleapis.com
quotes.ecoverage.com |
8 | dev.visualwebsiteoptimizer.com |
quotes.ecoverage.com
dev.visualwebsiteoptimizer.com |
6 | collect.analyze.ly |
d22xmn10vbouk4.cloudfront.net
|
6 | s.adroll.com |
2 redirects
www.googletagmanager.com
quotes.ecoverage.com s.adroll.com |
5 | create.leadid.com |
create.lidstatic.com
deviceid.trueleadid.com |
5 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com quotes.ecoverage.com |
3 | stats.g.doubleclick.net |
www.google-analytics.com
|
2 | www.google.de |
quotes.ecoverage.com
|
2 | www.google.com |
quotes.ecoverage.com
|
2 | munchkin.marketo.net |
storage.googleapis.com
munchkin.marketo.net |
2 | www.googletagmanager.com |
quotes.ecoverage.com
www.googletagmanager.com |
1 | deviceid.trueleadid.com |
d2m2wsoho8qq12.cloudfront.net
|
1 | d2m2wsoho8qq12.cloudfront.net |
create.lidstatic.com
|
1 | d.adroll.com |
s.adroll.com
|
1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
1 | d22xmn10vbouk4.cloudfront.net |
www.googletagmanager.com
|
1 | www.googleadservices.com |
www.googletagmanager.com
|
1 | create.lidstatic.com |
quotes.ecoverage.com
|
1 | stackpath.bootstrapcdn.com |
quotes.ecoverage.com
|
1 | cdnjs.cloudflare.com |
quotes.ecoverage.com
|
1 | insurance.mediaalpha.com |
quotes.ecoverage.com
|
1 | go.ecvtrk.com | 1 redirects |
1 | track.wpamz.com | 1 redirects |
1 | goalonly.com | 1 redirects |
1 | storage.googleapis.com | |
72 | 25 |
This site contains links to these domains. Also see Links.
Domain |
---|
fidelitylife.com |
ecoverage.com |
www.ecoverage.com |
www.optout-cnnf.net |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.storage.googleapis.com GTS CA 1C3 |
2022-04-25 - 2022-07-18 |
3 months | crt.sh |
sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-08-18 - 2022-08-17 |
a year | crt.sh |
mediaalpha.com Amazon |
2021-08-10 - 2022-09-08 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2022-04-25 - 2022-07-18 |
3 months | crt.sh |
*.visualwebsiteoptimizer.com Starfield Secure Certificate Authority - G2 |
2020-06-19 - 2022-07-06 |
2 years | crt.sh |
lidstatic.com Cloudflare Inc ECC CA-3 |
2022-03-30 - 2023-03-30 |
a year | crt.sh |
www.googleadservices.com GTS CA 1C3 |
2022-04-25 - 2022-07-18 |
3 months | crt.sh |
s.adroll.com Amazon |
2021-08-02 - 2022-08-31 |
a year | crt.sh |
*.marketo.net DigiCert SHA2 Secure Server CA |
2022-02-06 - 2023-02-07 |
a year | crt.sh |
*.cloudfront.net Amazon |
2022-02-01 - 2023-01-31 |
a year | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2022-04-18 - 2022-07-11 |
3 months | crt.sh |
www.google.com GTS CA 1C3 |
2022-04-25 - 2022-07-18 |
3 months | crt.sh |
www.google.de GTS CA 1C3 |
2022-04-25 - 2022-07-18 |
3 months | crt.sh |
adroll.mgr.consensu.org Amazon |
2021-09-09 - 2022-10-08 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2022-04-25 - 2022-07-18 |
3 months | crt.sh |
*.google.de GTS CA 1C3 |
2022-04-25 - 2022-07-18 |
3 months | crt.sh |
create.leadid.com Amazon |
2021-10-22 - 2022-11-19 |
a year | crt.sh |
deviceid.trueleadid.com Amazon |
2022-01-07 - 2023-02-05 |
a year | crt.sh |
*.analyze.ly Amazon |
2022-02-15 - 2023-03-14 |
a year | crt.sh |
This page contains 3 frames:
Primary Page:
https://quotes.ecoverage.com/love-most/?src=88-4592-228&kw=2_585066_2545108-&afid=88&subid=4592&trans_id=102e047196991ad857e1e354ad55a8&cid=228&offer_ref=eCover200807140228&creative_id=0&utm_content=88-4592-228-0-eCover200807140228-102e047196991ad857e1e354ad55a8
Frame ID: F28379A127CCA975C3E126D7F55B909D
Requests: 69 HTTP requests in this frame
Frame:
https://d2m2wsoho8qq12.cloudfront.net/iframe.html?token=FF256EFB-1556-9DD8-0FF7-9DEEBA1FAC72&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8&lac=43E84C4A-8A70-11E1-B18C-22000A1C5064
Frame ID: 398DD1F908D10F6A1E145A12855085CE
Requests: 1 HTTP requests in this frame
Frame:
https://deviceid.trueleadid.com/iframe.html?token=FF256EFB-1556-9DD8-0FF7-9DEEBA1FAC72&apiurl=https%3A%2F%2Fcreate.leadid.com%2F2.11.9&lck=FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8&lac=43E84C4A-8A70-11E1-B18C-22000A1C5064
Frame ID: 4B05A54CBC6F6FAFDA8DECEF98E353DC
Requests: 2 HTTP requests in this frame
Screenshot
Page Title
Protect What You Love Most – eCoverage Life InsurancePage URL History Show full URLs
- https://storage.googleapis.com/reaganstarkyjs/fqH9HaA.html Page URL
-
http://goalonly.com/AhvNATq.z7dqfp1z?dFvR5gccnQMBcxhqzcdct7cmc4nKFhlyscbbb4R
HTTP 302
http://track.wpamz.com/aff_c?offer_id=10604&aff_id=4592&aff_sub=2_585066_2545108&aff_sub2=808_15244... HTTP 302
http://go.ecvtrk.com/aff_c?offer_id=228&aff_id=88&aff_sub=4592&aff_sub2=2_585066_2545108&aff_clic... HTTP 302
https://quotes.ecoverage.com/love-most/?src=88-4592-228&kw=2_585066_2545108-&afid=88&subid=4592&trans_id=... Page URL
Detected technologies
WordPress (CMS) ExpandDetected patterns
- <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
- /wp-(?:content|includes)/
- wp-embed\.min\.js\?ver=([\d.]+)
Bootstrap (Web Frameworks) Expand
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AdRoll (Advertising Networks) Expand
Detected patterns
- (?:a|s)\.adroll\.com
Google Analytics (Analytics) Expand
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager (Tag Managers) Expand
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
Marketo (Marketing Automation) Expand
Detected patterns
- munchkin\.marketo\.\w+/(?:([\d.]+)/)?munchkin\.js
jQuery (JavaScript Libraries) Expand
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jQuery Migrate (JavaScript Libraries) Expand
Detected patterns
- jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Page Statistics
6 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: full list of carriers
Search URL Search Domain Scan URL
Title: Privacy Policy
Search URL Search Domain Scan URL
Title: Advertising Disclosures
Search URL Search Domain Scan URL
Title: Opt-Out
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- https://storage.googleapis.com/reaganstarkyjs/fqH9HaA.html Page URL
-
http://goalonly.com/AhvNATq.z7dqfp1z?dFvR5gccnQMBcxhqzcdct7cmc4nKFhlyscbbb4R
HTTP 302
http://track.wpamz.com/aff_c?offer_id=10604&aff_id=4592&aff_sub=2_585066_2545108&aff_sub2=808_1524463_3544250_9&aff_sub3=631169036&aff_sub5=nbtjnb HTTP 302
http://go.ecvtrk.com/aff_c?offer_id=228&aff_id=88&aff_sub=4592&aff_sub2=2_585066_2545108&aff_click_id=1020dc3c5eb4086ff1211d5cb7b2c9 HTTP 302
https://quotes.ecoverage.com/love-most/?src=88-4592-228&kw=2_585066_2545108-&afid=88&subid=4592&trans_id=102e047196991ad857e1e354ad55a8&cid=228&offer_ref=eCover200807140228&creative_id=0&utm_content=88-4592-228-0-eCover200807140228-102e047196991ad857e1e354ad55a8 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 45- https://s.adroll.com/j/exp/EDVQ5CMC3VH3LHR52CJ7D3/index.js HTTP 302
- https://s.adroll.com/j/exp/index.js
- https://s.adroll.com/j/pre/EDVQ5CMC3VH3LHR52CJ7D3/4JLSEE7LHRBZPG5LZKXJAJ/fpconsent.js HTTP 302
- https://s.adroll.com/j/pre/index.js
72 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
fqH9HaA.html
storage.googleapis.com/reaganstarkyjs/ |
100 B 679 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Primary Request
/
quotes.ecoverage.com/love-most/ Redirect Chain
|
35 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serve.js
insurance.mediaalpha.com/js/ |
11 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sumoselect.min.css
cdnjs.cloudflare.com/ajax/libs/jquery.sumoselect/3.0.2/ |
7 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.3.1/css/ |
152 KB 25 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
quotes.ecoverage.com/wp-includes/css/dist/block-library/ |
79 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.css
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/ |
8 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
style.min.css
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/ |
9 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lpa.min.css
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/ |
80 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.js
quotes.ecoverage.com/wp-includes/js/jquery/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-migrate.min.js
quotes.ecoverage.com/wp-includes/js/jquery/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
vendor.min.js
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/ |
902 KB 151 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
scripts-lpa.min.js
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/public/ |
39 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
invisible.js
quotes.ecoverage.com/cdn-cgi/challenge-platform/h/b/scripts/ |
45 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
group-7@2x.png
quotes.ecoverage.com/wp-content/uploads/2020/06/ |
2 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Logo.png
quotes.ecoverage.com/wp-content/uploads/2020/06/ |
3 KB 3 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-arrow-light-blue.svg
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/src/images/ |
240 B 350 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
email-decode.min.js
quotes.ecoverage.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ |
1 KB 858 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-embed.min.js
quotes.ecoverage.com/wp-includes/js/ |
1 KB 810 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
221 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
j.php
dev.visualwebsiteoptimizer.com/ |
12 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
wp-emoji-release.min.js
quotes.ecoverage.com/wp-includes/js/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eCoverage_hero-1024x429-1.jpg
quotes.ecoverage.com/wp-content/uploads/2021/04/ |
59 KB 59 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fa53bd1b-c563-e4b2-5f47-565fea8ae7a8.js
create.lidstatic.com/campaign/ |
123 KB 39 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tag-fad525253fe70a137f357b604ab29290.js
dev.visualwebsiteoptimizer.com/web/djIkdGU6Ny4wOmFzeW5jJWdxdWVyeQ==/ |
167 KB 47 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v.gif
dev.visualwebsiteoptimizer.com/ |
35 B 214 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pica.js
quotes.ecoverage.com/cdn-cgi/challenge-platform/h/b/scripts/ |
21 KB 7 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-arrow-dark-blue.svg
quotes.ecoverage.com/wp-content/themes/rise-ecoverage/src/images/ |
245 B 264 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
189 KB 68 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
49 KB 20 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
39 KB 15 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
roundtrip.js
s.adroll.com/j/ |
50 KB 16 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
munchkin.js
munchkin.marketo.net/ |
1 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
c0648764b65b11eab3db0abec2e02be9.js
d22xmn10vbouk4.cloudfront.net/ |
79 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
eCoverage_collage.jpg
quotes.ecoverage.com/wp-content/uploads/2020/06/ |
111 KB 112 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
png-item-1777666@2x.jpg
quotes.ecoverage.com/wp-content/uploads/2020/06/ |
12 KB 12 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
tag-dee9332b30908d655aec28abbb8876ac.js
dev.visualwebsiteoptimizer.com/web/djIkYTo0LjA6bm9qcXVlcnksdHI6Ny4w/ |
102 KB 26 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
l.gif
dev.visualwebsiteoptimizer.com/ |
35 B 52 B |
Ping
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
settings.js
dev.visualwebsiteoptimizer.com/ |
2 KB 854 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
s.gif
dev.visualwebsiteoptimizer.com/ |
35 B 52 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 445 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
2 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
collect
www.google-analytics.com/ |
35 B 55 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
worker-70faafffa0475802f5ee03ca5ff74179.js
dev.visualwebsiteoptimizer.com/analysis/ |
47 KB 13 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
munchkin.js
munchkin.marketo.net/161/ |
11 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/g/ |
0 17 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/exp/ Redirect Chain
|
28 B 762 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/pre/ Redirect Chain
|
0 733 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.js
s.adroll.com/j/pre/EDVQ5CMC3VH3LHR52CJ7D3/4JLSEE7LHRBZPG5LZKXJAJ/ |
0 785 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
www.google-analytics.com/j/ |
4 B 24 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/984879444/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
stats.g.doubleclick.net/j/ |
1 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga-audiences
www.google.de/ads/ |
42 B 501 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
70bbf792fc539c0d
quotes.ecoverage.com/cdn-cgi/challenge-platform/h/b/cv/result/ |
2 B 335 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EDVQ5CMC3VH3LHR52CJ7D3
d.adroll.com/consent/check/ |
447 B 540 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H3 |
collect
stats.g.doubleclick.net/j/ |
1 B 22 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.com/pagead/1p-user-list/984879444/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
/
www.google.de/pagead/1p-user-list/984879444/ |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
GenerateToken
create.leadid.com/2.11.9/ |
36 B 658 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe.html
d2m2wsoho8qq12.cloudfront.net/ Frame 398D |
3 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
SaveDom
create.leadid.com/2.11.9/ |
0 623 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
InitFormData
create.leadid.com/2.11.9/ |
0 623 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iframe.html
deviceid.trueleadid.com/ Frame 4B05 |
4 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
collect.analyze.ly/ |
0 160 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
collect.analyze.ly/ |
0 160 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
collect.analyze.ly/ |
0 160 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
collect.analyze.ly/ |
0 160 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
collect.analyze.ly/ |
0 160 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SaveDeviceId.js
create.leadid.com/2.11.9/ Frame 4B05 |
0 626 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Snap
create.leadid.com/2.11.9/ |
0 623 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
/
collect.analyze.ly/ |
0 160 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Malicious
page.url
Submitted on
May 16th 2022, 12:47:31 am
UTC —
From United States
Threats:
Misc
Comment: Known Spam: URL sent to a spam trap
Malicious
task.url
Submitted on
May 16th 2022, 12:47:09 am
UTC —
From United States
Threats:
Misc
Comment: Malicious 3xx redirect
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
175 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails undefined| MediaAlphaExchange object| __maxch__thunk function| MediaAlphaExchange__fetchUserID function| MediaAlphaExchange__success function| MediaAlphaExchange__error function| MediaAlphaExchange__click function| MediaAlphaExchange__enableDirectLinks function| MediaAlphaExchange__disableDirectLinks function| MediaAlphaExchange__loadDirectLink function| MediaAlphaExchange__load undefined| targetID undefined| targetElt object| dataLayer string| GTM string| host number| settings_timer number| _vwo_settings_timer object| _vwo_code object| _wpemojiSettings function| $ function| jQuery object| wpJsonpLaunchpad function| Inputmask string| placementID object| wp object| __CF$cv$params object| google_tag_manager number| _vwo_acc_id object| vwoCode object| _vwo_style string| _vwo_css string| _vwo_cookieDomain string| _vwo_uuid number| _vwo_library_timer string| _vis_opt_file string| _vis_opt_lib undefined| b number| _vwo_j_e string| _vwo_mt string| _vwo_tm object| VWO object| vwo_iehack_queue object| _vwo_exp_ids object| _vwo_exp object| _vwo_pa object| VWOOmni string| _vwo_worker_cb object| twemoji object| google_tag_data string| GoogleAnalyticsObject function| ga string| adroll_adv_id string| adroll_pix_id object| adroll_custom_data boolean| __adroll_loaded function| iFramePush function| vwo_$ string| _vwo_server_url object| _vis_opt_queue object| _vis_opt_check_segment object| _vwo_evq function| _vwo_ev boolean| DISABLE_NATIVE_CONSTANTS object| _vwo_t object| _vwo_editorOperationTracker function| _vwo_handleMutations object| _vwo_api_section_callback object| _vis_opt_comb_name function| _vwo_s object| _vwo_campaignData function| _vis_opt_top_initialize function| _vis_opt_bottom_initialize function| _vis_opt_goal_conversion function| _vis_opt_revenue_conversion function| _vis_opt_pause function| _vis_opt_readCookie function| _vis_opt_createCookie function| _vis_opt_element_loaded function| _vis_opt_GA_track function| _vis_opt_register_conversion function| _vis_opt_get_campaign_xPath function| ecovTiTracking undefined| e undefined| x string| ti_ECOV31 string| _vis_opt_experiment_id boolean| _vwo_settings_timed_out object| gaplugins object| gaGlobal object| gaData object| __nls number| ___vwo function| mktoMunchkinFunction object| Munchkin function| mktoMunchkin function| onYouTubeIframeAPIReady string| adroll_sid object| __adroll boolean| adroll_optout object| adroll_ext_network object| adroll_callbacks function| adroll_tpc_callback object| tiMonitor function| EMPTY_FUN undefined| UNDEF object| taginspector string| ua boolean| bufferFull string| lt boolean| externalReq string| windowOrigin string| truncReqName number| fts string| reqName string| req function| macro_function_22dc7922_97c9_5d53_99a1_7cab6cf97b25 object| macro_22dc7922_97c9_5d53_99a1_7cab6cf97b25 function| macro_function_5d73e5ea_98a3_50d1_b89a_7a8cacf5bae1 object| macro_5d73e5ea_98a3_50d1_b89a_7a8cacf5bae1 object| condition_b1fba6b6_502b_4469_8038_e1ab02a8fa64 object| rule_19702 object| condition_68fc63ba_2bea_4b0e_822f_a52581dddc9d function| trigger_function_trigger_f92dff90_d219_11ec_a768_1247a51b3b7f object| trigger_f92dff90_d219_11ec_a768_1247a51b3b7f object| pe number| scInterval number| fbInterval function| ld function| getWindowParam function| getUrl function| getUrlwithoutFragment function| stripFragmentFromUrl function| getUrlDict function| getUrlComponent function| getUrlFragment function| stripSemicolon function| isFunction function| getQueryparameters function| addListener string| result function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO object| MunchkinTracker object| __adroll_consent_data object| adroll_exp_list object| LeadiDconfig object| LeadiD boolean| __adroll_consent boolean| __adroll_consent_is_gdpr string| __adroll_consent_user_country string| label string| id boolean| sensitiveData object| defaultStyleFrame string| page_size number| dom_interactive number| dom_content_load number| dom_complete string| conn_effType string| conn_downlinkMax string| conn_roundtrip string| conn_downlink string| conn_type string| base_req_data boolean| isSendBeaconRequest object| requestBody string| encodedRequestString string| req_data boolean| isDomLoaded17 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.quotes.ecoverage.com/ | Name: _vwo_uuid_v2 Value: D5117C09473F2B634AC568D90718237E3|3cce4d12b6db90605ea519dfc6ec5708 |
|
.ecoverage.com/ | Name: _vis_opt_s Value: 1%7C |
|
.ecoverage.com/ | Name: _vis_opt_test_cookie Value: 1 |
|
.ecoverage.com/ | Name: _vwo_uuid Value: D5117C09473F2B634AC568D90718237E3 |
|
.ecoverage.com/ | Name: _vwo_sn Value: 0%3A1%3A%3A%3A1 |
|
.ecoverage.com/ | Name: _vis_opt_exp_31_combi Value: 3 |
|
.ecoverage.com/ | Name: _gid Value: GA1.2.1411849422.1652618690 |
|
.ecoverage.com/ | Name: _dc_gtm_UA-43809065-1 Value: 1 |
|
.ecoverage.com/ | Name: _gat_UA-43809065-7 Value: 1 |
|
.ecoverage.com/ | Name: _vwo_ds Value: 3%3Aa_0%2Ct_0%3A0%241652618689%3A76.06949768%3A%3A%3A13_0%2C9_0%2C2_0%2C1_0%3A0 |
|
.ecoverage.com/ | Name: _ga_D0M3W1QDWH Value: GS1.1.1652618689.1.0.1652618689.0 |
|
.ecoverage.com/ | Name: _ga Value: GA1.2.1720731109.1652618690 |
|
.ecoverage.com/ | Name: _gat_tiSimpleHeader Value: 1 |
|
.doubleclick.net/ | Name: test_cookie Value: CheckForPermission |
|
.ecoverage.com/ | Name: __cf_bm Value: 9KzMwuGNqgUjEsUJnGjFO4rARrzlEJxIy_xHCYkhi2Y-1652618689-0-AX4nxb7fAdlqfwQaF4dvNt1waYH6vkw1J92f3wBBsJ/a0i9zNk8ImkZfUtQZGspJirZEcol1pO2uzauvoXIK01URhyySkyxXFsiyTIjet+izZX1aDQQ16hRF8J5hN9k1Rg== |
|
quotes.ecoverage.com/ | Name: leadid_token-43E84C4A-8A70-11E1-B18C-22000A1C5064-FA53BD1B-C563-E4B2-5F47-565FEA8AE7A8 Value: FF256EFB-1556-9DD8-0FF7-9DEEBA1FAC72 |
|
.deviceid.trueleadid.com/ | Name: uuid Value: 160f822d221049859f924e2fd4f97724 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdnjs.cloudflare.com
collect.analyze.ly
create.leadid.com
create.lidstatic.com
d.adroll.com
d22xmn10vbouk4.cloudfront.net
d2m2wsoho8qq12.cloudfront.net
dev.visualwebsiteoptimizer.com
deviceid.trueleadid.com
go.ecvtrk.com
goalonly.com
googleads.g.doubleclick.net
insurance.mediaalpha.com
munchkin.marketo.net
quotes.ecoverage.com
s.adroll.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
storage.googleapis.com
track.wpamz.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
104.111.234.67
142.250.186.66
18.66.9.39
2600:9000:224a:fe00:6:9280:1080:93a1
2606:4700:10::6816:897
2606:4700:10::ac43:29e5
2606:4700::6811:190e
2606:4700::6812:acf
2a00:1450:4001:809::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:811::2008
2a00:1450:4001:812::2010
2a00:1450:4001:831::200e
2a00:1450:400c:c04::9c
2a00:1450:400f:804::2002
34.202.26.67
34.248.85.204
34.96.102.137
35.173.194.160
45.10.23.225
52.212.180.70
52.22.203.184
54.220.64.232
54.237.215.68
65.9.58.151
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
076ed2d9b4f0d8598d10b76882cfd10b9db67498a948782e7dcc0474e3128625
0a9adccc17d9e34e3971bce91e3723f1fef884844fed6e6e10085e19745faef5
11a5fed2fca36c7de433b639a979912e8f64c6dc391578b877cc7f01fab232ea
1a1330f02ca06c69fdf4b4b64b0aac0907faeaa94e40a7e71dfead756ba7931d
1ef3f0269be7b675dce81bb81af21398575e3f96609f76c0f59881145bbfddff
248db5017c4a6477fcfd76bcde192b56b6c5e0f6f5a44e962345579b5922f58c
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
299ffd0f18d6e85e06d650be6f47530403ca6e029462511a5641d28f2b011cdb
2e4ffec34ab498b71da24a22f4f40790b0c20bf910a516b1f13f7e97bd679c95
2f2bda124d9845f42a8407623f8bdf79bb91a45a6348ca2613c648a04bfeacfb
2f81b09a2626b65913acf9102c350462ade4467169d2db457bc7d5c20cb71f87
476c9a5b18acb7c5b596789bb3eded31d9567d95ef811c9447b53b9f41ad5786
48be702437e5649fb383c72f551f87118be87c9257fecd88f077a57d50f1a2f6
4bf3aca933aa233702f890083af601fb16149ec8a17f8c1b90d30450562bde08
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
602ea48b7fd2a48e702e43825b0d6f6495f78cb4cc1fa24cb8c95f61e014215a
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
65ce929ac7a2bcf080742539cfa9c3c676cbb8ffc8a974e115dd9d3700319213
66356622fa783119cc883e3b2393247cc3e350fb83bc3227e4097917e2cc6107
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7084d43bb9880541ee2edf065d08608a100a606f2c888dff250cdbd5e18f55ea
7debd0fb0a77a7375b94ba173674bd0ca4ac1c35690cfb348ee67a93a80c4d84
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
9110fc122dda3067c424d9b8ff7747e2030b0bd9298f69a3683d399ad3373a6a
9ae26963724867750fcad6203b822f2c29d3e63f78d3a2dc3c8a424dcfbcb8a8
9b9810abb10f558764a9dbbe5bf67c252a67ca44c11d2f06dccd789a9f42b82e
9bcaad8147e78318be9b1214f622e8e17f9c50f27605039dcf334befeceae9c3
9cc6fc33922e31528afddc88ad4e5868dcaafff81a60401a5b99658e2320bae4
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b4194cb53eb5f80d09afd7dd558c9386131ec7c2e3b0d56ced58cba3a71149f0
b4445b001935e8ac66ea4a5e1b328c4011af428c9b43bc880ac963a4fe290aad
b44cca99a313819c10a2dba46a8a0dafdac4bd0e3813ecc39cad3a0ce63e1d9e
b616024878c7c792d4cccedadfdf67cc311621d2904df0885e0b6845ff37b0ea
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c2aee78040b4ed46c2377e6825db12a9691a2eb584adf338e77312c8978d8537
c8baebafe9a35f65c93f02def3c31287cb3379679744ce18f4bc2e257c14c556
cb3b12ac1541de1163927c9fcda7e13e161a913c9f0bcc99e5fba10d7a2fd47c
d31bc925a88effb32e2052100f258d2b20f7e3b2955a6772b965ad31da8df139
d483a8d0103837ff159d82bd001f4aab55b4f563f88a447e26d52a9690df1bd5
da8a3ca19c9353c7dbcbe48570bf6ba061fb1029f7907b7ba04799cad8ab0e6e
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
e3ad82a69faf9ec1b298a080ce5974322a33cc501e1455071cf8db58c7f2462f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e916478d94814b1a0c2680424c323db0514f4a022d16835cd7bcc754722308f4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
ffba7b9ff0ea7315cd20c7e4bfb283478b37bd039985f1d7f3e3395717b00bfe