Submitted URL: http://vocixn.org.uk/dfhofgj.php
Effective URL: https://vocixn.org.uk/webmailss/Shaw/
Submission: On March 20 via api from CA

Summary

This website contacted 11 IPs in 3 countries across 10 domains to perform 34 HTTP transactions. The main IP is 195.123.243.47, which is located in Ukraine and belongs to LAYER6, UA. The main domain is vocixn.org.uk.
TLS certificate: Issued by cPanel, Inc. Certification Authority on March 15th 2019. Valid for: 3 months.
This is the only time vocixn.org.uk was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Shaw (Telecommunication)

Domain & IP information

IP Address AS Autonomous System
2 13 195.123.243.47 204957 (LAYER6)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
5 172.217.21.194 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
34 11
Domain Requested by
13 vocixn.org.uk 2 redirects vocixn.org.uk
5 securepubads.g.doubleclick.net vocixn.org.uk, securepubads.g.doubleclick.net
3 cdn.ampproject.org securepubads.g.doubleclick.net
2 ssl.google-analytics.com vocixn.org.uk
2 tpc.googlesyndication.com vocixn.org.uk, securepubads.g.doubleclick.net
2 www.googletagservices.com vocixn.org.uk, securepubads.g.doubleclick.net
1 pagead2.googlesyndication.com
1 amp-error-reporting.appspot.com cdn.ampproject.org
1 adservice.google.com vocixn.org.uk
1 adservice.google.com.eg vocixn.org.uk
0 www.google-analytics.com Failed vocixn.org.uk
0 zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com Failed vocixn.org.uk
34 12

This site contains links to these domains.

Domain
www.shaw.ca
business.shaw.ca
community.shaw.ca
my.shaw.ca
signon.shaw.ca
register.shaw.ca
Subject | Issuer | Validity | Valid
vocixn.org.uk | cPanel, Inc. Certification Authority | 2019-03-15 - 2019-06-13 | 3 months
*.google.com.eg | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.g.doubleclick.net | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
tpc.googlesyndication.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
misc-sni.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.appspot.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months

This page contains 2 frames:

Primary Page: https://vocixn.org.uk/webmailss/Shaw/
Frame ID: 738517AA36110DB9FF752E278152768E
Requests: 28 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js
Frame ID: 238E6266D3A5FB5CC6C4CE9857800A9C
Requests: 7 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Overall confidence: 100%
Detected patterns
  • env /^Handlebars$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • env /^__google_ad_/i
  • env /^Goog_AdSense_/i

Overall confidence: 100%
Detected patterns
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^googletag$/i

Overall confidence: 100%
Detected patterns
  • env /^Modernizr$/i

Overall confidence: 100%
Detected patterns
  • env /^jQuery$/i

Page Statistics

Requests: 34
HTTPS: 85 %
IPv6: 80 %
Domains: 10
Subdomains: 12
IPs: 11
Countries: 3
Transfer: 692 kB
Size: 1286 kB
Cookies: 6

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://vocixn.org.uk/dfhofgj.php HTTP 302
    https://vocixn.org.uk/webmailss/Shaw HTTP 301
    https://vocixn.org.uk/webmailss/Shaw/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
vocixn.org.uk/webmailss/Shaw/
Redirect Chain
  • http://vocixn.org.uk/dfhofgj.php
  • https://vocixn.org.uk/webmailss/Shaw
  • https://vocixn.org.uk/webmailss/Shaw/
19 KB
19 KB
Document
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
4e164b722449ca612e0fd7db6cd6934f3ef620572a7f315d7f264b36bff6ea55

Request headers

Host
vocixn.org.uk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Date
Wed, 20 Mar 2019 16:32:56 GMT
Server
Apache
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Accept-Ranges
bytes
Content-Length
19508
Keep-Alive
timeout=5, max=99
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Wed, 20 Mar 2019 16:32:56 GMT
Server
Apache
Location
https://vocixn.org.uk/webmailss/Shaw/
Content-Length
245
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
integrator.js
adservice.google.com.eg/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com.eg/adsid/integrator.js?domain=localhost
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81c::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=localhost
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:825::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
104
x-xss-protection
1; mode=block
combine_signon_136.css
vocixn.org.uk/webmailss/Shaw/css/
160 KB
160 KB
Stylesheet
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/css/combine_signon_136.css
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
5ac0d1a87ad5eccf2f71c70cad9a38a11e498cc395f2205d45dd7a4524c6582d

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:56 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
163641
pubads_impl_rendering_2019013101.js
securepubads.g.doubleclick.net/gpt/
63 KB
23 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js?21063143
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4893b6ab6f829846b2d16d9b09bbcf9422f3719610bd61d2d4682a9115fb9ce1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Feb 2019 20:17:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
23918
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:32:56 GMT
pubads_impl_2019013101.js
securepubads.g.doubleclick.net/gpt/
181 KB
62 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4d9867046e990bd68ab027d5e92df3e32e5d72a09ec3ad0a791ddb8130d0017f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:32:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Feb 2019 20:17:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
63420
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:32:56 GMT
webmail-desktop.png
vocixn.org.uk/webmailss/Shaw/images/
5 KB
5 KB
Image
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/images/webmail-desktop.png
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
27c361265ec07215bcd0373d146e385e13bc62d35cda4f1310faad6dee9eb7b2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:57 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4657
error_button.png
vocixn.org.uk/webmailss/Shaw/images/
185 B
426 B
Image
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/images/error_button.png
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
3de0670375c8a9763362d95d2863c6e1e0360fa3f900c4e9b4b1a10194e3fe89

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:58 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
185
helpIcon.png
vocixn.org.uk/webmailss/Shaw/images/icons/
1 KB
2 KB
Image
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/images/icons/helpIcon.png
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
4a57782e3a025dd4aef0918ddab21ffa7dc69777710836bd1f185ac77a468b37

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:57 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
1427
modal-close.png
vocixn.org.uk/webmailss/Shaw/images/
1 KB
2 KB
Image
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/images/modal-close.png
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
30b07af0c79b6241e9cd0ac1b56006cefb70b6204d9a1eb98a61b7b73e3fb7a5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:58 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1340
jquery.min.js
vocixn.org.uk/webmailss/Shaw/js/
93 KB
93 KB
Script
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/js/jquery.min.js
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
0fb170f24675c84f8228ad6b61d69bf6705030949cc2fec316b3a006eab282f8

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:57 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
94839
combine_signon_136.js
vocixn.org.uk/webmailss/Shaw/js/
97 KB
97 KB
Script
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/js/combine_signon_136.js
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
e0ad5458dbc7bf04431ba5aa06bbc9d2dcb984c22c419c4605a458c3e0c9db8b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:57 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
99059
login-form.shaw.js
vocixn.org.uk/webmailss/Shaw/js/
5 KB
5 KB
Script
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/js/login-form.shaw.js
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
90431299afc79f2f07c5bbbc64d9d9c6b3e0613db138e0e1675a5a400e3d3e2e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:57 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
5102
jquery.cookie.js
vocixn.org.uk/webmailss/Shaw/js/
2 KB
2 KB
Script
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/js/jquery.cookie.js
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
b3ac405c96e1194eb6ab54b6676028c7380716aa5212a26f1572a845808abd5e

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:57 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
1911
jquery.base64.min.js
vocixn.org.uk/webmailss/Shaw/js/
2 KB
2 KB
Script
General
Full URL
https://vocixn.org.uk/webmailss/Shaw/js/jquery.base64.min.js
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
195.123.243.47 , Ukraine, ASN204957 (LAYER6, UA),
Reverse DNS
doicvpo.dcxosoe.com
Software
Apache /
Resource Hash
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate, br
Host
vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
https://vocixn.org.uk/webmailss/Shaw/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Wed, 20 Mar 2019 16:32:58 GMT
Last-Modified
Sat, 02 Mar 2019 03:11:50 GMT
Server
Apache
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1782
/
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/
0
0

gpt.js
www.googletagservices.com/tag/js/
0
0

gpt.js
www.googletagservices.com/tag/js/
32 KB
11 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
68661329a1cd69d6d40894a3531b37e648a4057832a3ab433afc6abd1d64d313
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"112 / 756 of 1000 / last-modified: 1553036242"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
10782
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:32:57 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-32/html/
0
0

ads
securepubads.g.doubleclick.net/gampad/
18 KB
5 KB
XHR
General
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3185892155165926&correlator=4210858142152768&output=json_html&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&json_a=1&vrg=2019013101&guci=2.2.0.0.2.2.0.0&sc=1&sfv=1-0-31&iu_parts=6872%2Cwebmail.shaw.ca&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&cookie_enabled=1&bc=15&abxe=1&lmt=1551496310&dt=1553099577813&dlt=1553099576848&idt=910&frm=20&biw=1600&bih=1200&oid=3&adxs=879&adys=184&adks=3847475914&ucis=1&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fvocixn.org.uk%2Fwebmailss%2FShaw%2F&dssz=9&icsg=10923&std=0&vis=1&stss=2&dmc=8&scr_x=0&scr_y=0&psz=383x400&msz=310x250&ga_vid=515324978.1553099578&ga_sid=1553099578&ga_hid=1845580809&fws=4
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
689e47a0f67556070316928ac03ba9726faeaf77d32a908d9f17fadbec88a35e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://vocixn.org.uk/webmailss/Shaw/
Origin
https://vocixn.org.uk

Response headers

date
Wed, 20 Mar 2019 16:32:57 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
4901
x-xss-protection
1; mode=block
google-lineitem-id
4661315958
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138232299730
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
https://vocixn.org.uk
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubads_impl_rendering_2019013101.js
securepubads.g.doubleclick.net/gpt/
63 KB
23 KB
Script
General
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
sffe /
Resource Hash
4893b6ab6f829846b2d16d9b09bbcf9422f3719610bd61d2d4682a9115fb9ce1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:32:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 04 Feb 2019 20:17:33 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
23918
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:32:57 GMT
container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/
0
0
Other
General
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Purpose
prefetch
Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

amp4ads-host-v0.js
cdn.ampproject.org/rtv/011903070012530/
20 KB
8 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011903070012530/amp4ads-host-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
55b898eeb6afc0bd8fbe8c051c5f6c270da59cc140959535beeb07d1c1fd3457
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
992069
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
7952
x-xss-protection
1; mode=block
server
sffe
date
Sat, 09 Mar 2019 04:58:28 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"8e0e5d95e8d8e00a"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 04:58:28 GMT
amp4ads-v0.js
cdn.ampproject.org/rtv/011903070012530/ Frame 238E
268 KB
85 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
4ae79421312711ee05e95e312c741a776e6d37317767f9bccb35cf19900d2053
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
997123
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
86952
x-xss-protection
1; mode=block
server
sffe
date
Sat, 09 Mar 2019 03:34:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"1873028a0afeff2a"
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 03:34:14 GMT
amp-analytics-0.1.js
cdn.ampproject.org/rtv/011903070012530/v0/ Frame 238E
135 KB
42 KB
Script
General
Full URL
https://cdn.ampproject.org/rtv/011903070012530/v0/amp-analytics-0.1.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_2019013101.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
87ee7466a4c44faea154684cd6acc885c4fd82906c2a82598c4fd3435fa37f9a
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/esm/ https://cdn.ampproject.org/mp/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sp/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp-collector.appspot.com/csp/amp
content-encoding
gzip
x-content-type-options
nosniff
age
1015140
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
43370
x-xss-protection
1; mode=block
server
sffe
date
Fri, 08 Mar 2019 22:33:57 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
text/javascript
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"eac4e0c4b459ff03"
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 07 Mar 2020 22:33:57 GMT
truncated
/ Frame 238E
217 B
0
Image
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b16a4b20f1d3decb3fd205a5c6f686c925c3cc09371da243c8cf82526a121882

Request headers

Response headers

Content-Type
image/png
osd.js
www.googletagservices.com/activeview/js/current/
75 KB
27 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019013101.js?21063143
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81d::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
ea8709c333523eaa79e47d2670f5bbb49c469bf52de4d4c5d4b83571ec14da65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:32:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1552585448432221"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
27825
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:32:58 GMT
11885643988731137303
tpc.googlesyndication.com/simgad/ Frame 238E
119 B
196 B
Image
General
Full URL
https://tpc.googlesyndication.com/simgad/11885643988731137303
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:815::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Sat, 09 Mar 2019 04:36:30 GMT
x-content-type-options
nosniff
age
993387
x-dns-prefetch-control
off
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
119
x-xss-protection
1; mode=block
last-modified
Wed, 02 May 2018 13:19:50 GMT
server
sffe
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 08 Mar 2020 04:36:30 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 238E
0
264 B
Image
General
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssIoQFJD1H5pDccBlz-UwA39ZHCALpJ0VLSbcYTnCXnJqo4487hfTWIH-LGtvm4fP57wgK4ZbMXU9B0rzxjFDPmAcZAwHOtdVKFZDM7OXrQrixbBGWa_QSLhCt4n6DKY53QerH7a5VyUl9sqJv7D_stNyyCWnQ6ZdK14fGk6q7bw6erFx_wcrQbSa6aes21XBO392cd_Hq0U6jEYM2i5gMqbFOO56sWJ9dn1rhtIfqRlI9wwZzWKTPKpuwV&sai=AMfl-YSIOyI4EwdbXhoJ-FWIiw0tPJzMvUHwvkrV7rAJAEIAC5D8-5uuAulejrA45D5B-Bk2PiFA5-FIWllEq2OSA95Ljc2l5yYxtyK-4dPE&sig=Cg0ArKJSzGj7lENGM1-lEAE&adurl=
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.217.21.194 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s12-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Wed, 20 Mar 2019 16:32:57 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
private
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
1; mode=block
expires
Wed, 20 Mar 2019 16:32:57 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::61 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
6465
date
Wed, 20 Mar 2019 14:45:13 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17168
expires
Wed, 20 Mar 2019 16:45:13 GMT
ga.js
www.google-analytics.com/
0
0

__utm.gif
ssl.google-analytics.com/r/
35 B
199 B
Image
General
Full URL
https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=645466069&utmhn=vocixn.org.uk&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sign%20in%20.%20Shaw&utmhid=1845580809&utmr=-&utmp=%2Fwebmailss%2FShaw%2F&utmht=1553099578334&utmac=UA-6191386-23&utmcc=__utma%3D240689412.515324978.1553099578.1553099578.1553099578.1%3B%2B__utmz%3D240689412.1553099578.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=2011291475&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAQAAAAE~
Requested by
Host: vocixn.org.uk
URL: https://vocixn.org.uk/webmailss/Shaw/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::61 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Mar 2019 16:32:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/
0
0

r
amp-error-reporting.appspot.com/ Frame 238E
2 B
64 B
XHR
General
Full URL
https://amp-error-reporting.appspot.com/r
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2014 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
/ Express
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
Origin
https://vocixn.org.uk
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 20 Mar 2019 16:32:59 GMT
via
1.1 google
x-powered-by
Express
status
200
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
2
activeview
pagead2.googlesyndication.com/pcs/ Frame 238E
42 B
116 B
Image
General
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6SuKsKCz47eopwIn__bj1T89h80taAXXyfyhE4qYhc0g7Qmb6M-nw-dMxiQ6bP3xCZURCYbJrE7y1TMYGHYfdv02S_oNDa89_GnI&sig=Cg0ArKJSzMlJ_C6wnJceEAE&id=ampim&o=879,203&d=1,1&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=138&tls=1138&g=100&h=100&pt=58&tt=1139&rpt=58&rst=1553099577796&r=v&adk=3847475914&avms=ampa
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://vocixn.org.uk/webmailss/Shaw/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 20 Mar 2019 16:32:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, must-revalidate
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,44,43,39",quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
URL
https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=http%3A%2F%2Flocalhost%2Ftest%2F&t=1549684120333
Domain
www.googletagservices.com
URL
http://www.googletagservices.com/tag/js/gpt.js
Domain
tpc.googlesyndication.com
URL
http://tpc.googlesyndication.com/safeframe/1-0-32/html/container.html
Domain
www.google-analytics.com
URL
http://www.google-analytics.com/ga.js
Domain
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
URL
https://zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/?Q_ZID=ZN_djzxQPnJgAbhfwh&Q_LOC=https%3A%2F%2Fvocixn.org.uk%2Fwebmailss%2FShaw%2F&t=1553099578369

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Shaw (Telecommunication)

69 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| gptadslots object| googletag function| checkAd object| google_js_reporting_queue object| GPT_jstiming undefined| google_measure_js_timing boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id object| googleToken object| googleIMState number| google_unique_id object| closure_memoize_cache_ object| gaGlobal function| $ function| jQuery function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| ampInaboxIframes object| ampInaboxPendingMessages object| __google_ad_urls boolean| google_osd_loaded boolean| google_onload_fired object| AMP_CONFIG object| log object| AMPErrors boolean| ampInaboxInitialized object| AMP_MODE function| reportError object| AMP function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| Handlebars function| openChatWindow function| openEmailWindow boolean| supportsTransitions object| analyticsSignon object| analyticsRegisterForgot object| shaw function| init function| showTabs function| checkFailedLogin function| showTabsForRealms function| matchRealmsInRealmsArray function| showRealm function| manageCookie object| submitButton function| manageUserNameInput function| email function| occ function| shawDirect function| showEmailTabActive function| showOCCTabActive function| showShawdirectTabActive function| setAnchorFromURL object| jQuery17202171299480644595 object| html5 object| Modernizr function| yepnope function| displayError function| checkEmpty string| gaJsHost object| _gat object| _gaq object| pageTracker

6 Cookies

Domain/Path Name / Value
.vocixn.org.uk/ Name: __utmb
Value: 240689412.1.10.1553099578
.vocixn.org.uk/ Name: __gads
Value: ID=0ae190bd7cce998f:T=1553099577:S=ALNI_MY_tPQkoZhEa91yKNOmiwWOhIyvjQ
.vocixn.org.uk/ Name: __utmc
Value: 240689412
.vocixn.org.uk/ Name: __utmt
Value: 1
.vocixn.org.uk/ Name: __utmz
Value: 240689412.1553099578.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.vocixn.org.uk/ Name: __utma
Value: 240689412.515324978.1553099578.1553099578.1553099578.1

2 Console Messages

Source Level URL
Text
console-api info URL: https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js(Line 550)
Message:
Powered by AMP ⚡ HTML – Version 1903070012530
console-api error URL: https://cdn.ampproject.org/rtv/011903070012530/amp4ads-v0.js(Line 140)
Message:
localStorage not supported.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
