my-ups-team.com
Open in
urlscan Pro
199.33.112.228
Malicious Activity!
Public Scan
URL:
https://my-ups-team.com/JY742/
Submission: On December 06 via manual from JP — Scanned from CA
Submission: On December 06 via manual from JP — Scanned from CA
Summary
This website contacted 13 IPs
in 3 countries
across 15 domains to perform 55 HTTP transactions.
The main IP is 199.33.112.228, located in
Mississauga, Canada and
belongs to CDSI, CA.
The main domain is my-ups-team.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 5th 2022. Valid for: a year.
This is the only time my-ups-team.com was scanned on urlscan.io!
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on December 5th 2022. Valid for: a year.
This is the only time my-ups-team.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UPS (Transportation)Domain & IP information
5
199.33.112.228
(Mississauga, Canada)
ASN23498 (CDSI, CA)
PTR: cp3.hostsilo.com
ASN23498 (CDSI, CA)
PTR: cp3.hostsilo.com
| my-ups-team.com | |
| www.my-ups-team.com |
10
173.223.57.246
(Secaucus, United States)
ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-246.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-246.deploy.static.akamaitechnologies.com
| www.ups.com |
2
2620:1ec:4b::23
(United States)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| media-us1.digital.nuance.com |
2
54.146.152.111
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-152-111.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-152-111.compute-1.amazonaws.com
| match.prod.bidr.io |
4
13.33.60.37
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-37.ewr52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-33-60-37.ewr52.r.cloudfront.net
| segments.company-target.com |
2
35.190.60.146
(Kansas City, United States)
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
| id.rlcdn.com |
5
35.71.131.137
(United States)
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
| insight.adsrvr.org | |
| match.adsrvr.org |
1
143.204.138.162
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-143-204-138-162.ewr52.r.cloudfront.net
| js.adsrvr.org |
2
68.67.160.114
(Brooklyn, United States)
ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
ASN29990 (ASN-APPNEX, US)
PTR: 672.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
| ib.adnxs.com |
2
142.250.80.98
(Glen Cove, United States)
ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: lga34s36-in-f2.1e100.net
| cm.g.doubleclick.net |
2
52.45.33.138
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-45-33-138.compute-1.amazonaws.com
| ups.analytics.yahoo.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 27 |
tawk.to
embed.tawk.to — Cisco Umbrella Rank: 8986 va.tawk.to — Cisco Umbrella Rank: 8735 |
222 KB |
| 10 |
ups.com
www.ups.com — Cisco Umbrella Rank: 8162 |
262 KB |
| 6 |
adsrvr.org
1 redirects
insight.adsrvr.org — Cisco Umbrella Rank: 611 match.adsrvr.org — Cisco Umbrella Rank: 364 js.adsrvr.org — Cisco Umbrella Rank: 1473 |
4 KB |
| 5 |
my-ups-team.com
2 redirects
my-ups-team.com www.my-ups-team.com |
16 KB |
| 4 |
company-target.com
2 redirects
segments.company-target.com — Cisco Umbrella Rank: 1459 |
2 KB |
| 3 |
qualtrics.com
siteintercept.qualtrics.com — Cisco Umbrella Rank: 1136 |
53 KB |
| 2 |
yahoo.com
2 redirects
ups.analytics.yahoo.com — Cisco Umbrella Rank: 317 |
625 B |
| 2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 234 |
751 B |
| 2 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 238 |
2 KB |
| 2 |
rlcdn.com
2 redirects
id.rlcdn.com — Cisco Umbrella Rank: 608 |
772 B |
| 2 |
bidr.io
2 redirects
match.prod.bidr.io — Cisco Umbrella Rank: 549 |
1 KB |
| 2 |
nuance.com
media-us1.digital.nuance.com — Cisco Umbrella Rank: 7676 |
14 KB |
| 1 |
jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 435 |
39 KB |
| 1 |
inq.com
ups.inq.com — Cisco Umbrella Rank: 9619 |
2 KB |
| 1 |
googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 361 |
33 KB |
| 55 | 15 |
| Domain | Requested by | |
|---|---|---|
| 22 | embed.tawk.to |
my-ups-team.com
embed.tawk.to |
| 10 | www.ups.com |
my-ups-team.com
www.ups.com |
| 5 | va.tawk.to |
embed.tawk.to
|
| 4 | match.adsrvr.org |
my-ups-team.com
js.adsrvr.org |
| 4 | segments.company-target.com |
2 redirects
my-ups-team.com
|
| 3 | siteintercept.qualtrics.com |
my-ups-team.com
|
| 3 | my-ups-team.com | 2 redirects |
| 2 | ups.analytics.yahoo.com | 2 redirects |
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | ib.adnxs.com | 2 redirects |
| 2 | id.rlcdn.com | 2 redirects |
| 2 | match.prod.bidr.io | 2 redirects |
| 2 | media-us1.digital.nuance.com |
my-ups-team.com
ups.inq.com |
| 2 | www.my-ups-team.com |
my-ups-team.com
|
| 1 | cdn.jsdelivr.net |
embed.tawk.to
|
| 1 | js.adsrvr.org |
match.adsrvr.org
|
| 1 | insight.adsrvr.org | 1 redirects |
| 1 | ups.inq.com |
my-ups-team.com
|
| 1 | ajax.googleapis.com |
my-ups-team.com
|
| 55 | 19 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.ups.com |
| wwwapps.ups.com |
| es-us.ups.com |
| about.ups.com |
| www.investors.ups.com |
| www.jobs-ups.com |
| www.theupsstore.com |
| upscapital.com |
| www.facebook.com |
| twitter.com |
| www.linkedin.com |
| www.youtube.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| my-ups-team.com Sectigo RSA Domain Validation Secure Server CA |
2022-12-05 - 2023-12-05 |
a year | crt.sh |
| www.ups.com COMODO ECC Organization Validation Secure Server CA |
2022-08-31 - 2023-08-31 |
a year | crt.sh |
| upload.video.google.com GTS CA 1C3 |
2022-11-02 - 2023-01-25 |
3 months | crt.sh |
| *.inq.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2022-09-14 - 2023-10-12 |
a year | crt.sh |
| *.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2022-09-14 - 2023-10-12 |
a year | crt.sh |
| *.qualtrics.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-05-04 - 2023-05-04 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2022-05-28 - 2023-05-28 |
a year | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2022-03-31 - 2023-05-02 |
a year | crt.sh |
This page contains 10 frames:
Primary Page:
https://my-ups-team.com/JY742/
Frame ID: 5155DEFDFF504A6E03612629533170C2
Requests: 42 HTTP requests in this frame
Frame:
https://www.ups.com/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0
Frame ID: 9D636D83E52933703812AEC4C6FBD291
Requests: 1 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_US%26requester%3DST%2F&upid=3xdvk81&upv=1.1.0
Frame ID: 0ABF01D0D75EBFDB7F132305DB614D4A
Requests: 2 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5361853467960723029&ttd_tdid=bba093f2-b66b-44ad-ba4b-01efdabce344
Frame ID: 445FAF81D72C915923182EE0B8E944EE
Requests: 1 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=bba093f2-b66b-44ad-ba4b-01efdabce344&google_gid=CAESEE7wf5hdXTLpgS9En1CFXow&google_cver=1
Frame ID: 716012513C919FD537E2ACC3338618AB
Requests: 1 HTTP requests in this frame
Frame:
https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-oLBB7EpE2uJv_xmbzpt1eJbBUdNTcnE-~A&gdpr=0&gdpr_consent=
Frame ID: B5921A2B47CD68053643522D5F677469
Requests: 1 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/min-widget.css
Frame ID: BD52DE8C69ECCA8812EBA462DD0816BB
Requests: 1 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/bubble-widget.css
Frame ID: 662CBB494EEB00134C4B23065EDED907
Requests: 3 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/message-preview.css
Frame ID: 97897393B041B4BEDF9D3B6B9A9D6311
Requests: 1 HTTP requests in this frame
Frame:
https://embed.tawk.to/_s/v4/app/637ddf31c8f/css/max-widget.css
Frame ID: 6A9CEEB8B0EA651018F2AEA773FF1E22
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Tracking | UPS - United KingdomDetected technologies
Tawk.to
(Live Chat)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //embed\.tawk\.to
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
jsDelivr
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- //cdn\.jsdelivr\.net/
Page Statistics
32 Outgoing links
These are links going to different origins than the main page.
URL: https://www.ups.com/us/en/Home.page
Search URL Search Domain Scan URL
URL: https://www.ups.com/lasso/login?loc=en_US&returnto=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_US%26Requester%3Dlasso
Title: Log in / Sign up
Title: Log in / Sign up
Search URL Search Domain Scan URL
URL: https://www.ups.com/ship?loc=en_US
Title: Ship
Title: Ship
Search URL Search Domain Scan URL
URL: https://www.ups.com/service-selector?loc=en_US
Title: Find a Service
Title: Find a Service
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/ctc/request?loc=en_US
Title: Quote
Title: Quote
Search URL Search Domain Scan URL
URL: https://www.ups.com/track?loc=en_US
Title: Track a Package
Title: Track a Package
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/pickup/schedule?loc=en_US
Title: Schedule a Pickup
Title: Schedule a Pickup
Search URL Search Domain Scan URL
URL: https://www.ups.com/marketplaceshipping/order?loc=en_US
Title: Manage Online Orders: Marketplace Shipping
Title: Manage Online Orders: Marketplace Shipping
Search URL Search Domain Scan URL
URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAReturn___StartSession&loc=en_US
Title: Create a Return
Title: Create a Return
Search URL Search Domain Scan URL
URL: https://www.ups.com/ship/history?loc=en_US
Title: View Shipping History
Title: View Shipping History
Search URL Search Domain Scan URL
URL: https://www.ups.com/uis/create?ActionOriginPair=BatchImportPage___StartSession&loc=en_US&WT.svl=SubNav
Title: Batch File Shipping
Title: Batch File Shipping
Search URL Search Domain Scan URL
URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAnImport___StartSession&loc=en_US
Title: Create Import:UPS Import Control
Title: Create Import:UPS Import Control
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/tradeability?loc=en_US
Title: International Toolset:UPS TradeAbility
Title: International Toolset:UPS TradeAbility
Search URL Search Domain Scan URL
URL: https://www.ups.com/us/en/supplychain/logistics.page
Title: Contract Logistics
Title: Contract Logistics
Search URL Search Domain Scan URL
URL: https://www.ups.com/dropoff?loc=en_US
Title: Locations
Title: Locations
Search URL Search Domain Scan URL
URL: https://es-us.ups.com/us/es/Home.page?loc=es_US
Title: Estados Unidos - Español
Title: Estados Unidos - Español
Search URL Search Domain Scan URL
URL: https://www.ups.com/us/en/Home.page?loc=en_US
Title: United States - English
Title: United States - English
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/ppc/ppc.html?loc=en_US#/profilePage
Title: My Profile
Title: My Profile
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/emailEnrollment/signIn?loc=en_US
Title: Communication Preferences
Title: Communication Preferences
Search URL Search Domain Scan URL
URL: https://about.ups.com/us/en/newsroom.html
Title: Media RelationsOpen the link in a new window
Title: Media RelationsOpen the link in a new window
Search URL Search Domain Scan URL
URL: http://www.investors.ups.com/
Title: Investor RelationsOpen the link in a new window
Title: Investor RelationsOpen the link in a new window
Search URL Search Domain Scan URL
URL: https://www.jobs-ups.com/location
Title: CareersOpen the link in a new window
Title: CareersOpen the link in a new window
Search URL Search Domain Scan URL
URL: https://about.ups.com/us/en/social-impact.html
Title: Sustainability & Community InvolvementOpen the link in a new window
Title: Sustainability & Community InvolvementOpen the link in a new window
Search URL Search Domain Scan URL
URL: https://www.theupsstore.com/?loc=en_US
Title: The UPS StoreOpen the link in a new window
Title: The UPS StoreOpen the link in a new window
Search URL Search Domain Scan URL
URL: https://upscapital.com/
Title: UPS CapitalOpen the link in a new window
Title: UPS CapitalOpen the link in a new window
Search URL Search Domain Scan URL
URL: http://www.facebook.com/ups
Title: FacebookOpen the link in a new window
Title: FacebookOpen the link in a new window
Search URL Search Domain Scan URL
URL: https://twitter.com/UPS
Title: TwitterOpen the link in a new window
Title: TwitterOpen the link in a new window
Search URL Search Domain Scan URL
URL: https://www.linkedin.com/company/ups
Title: LinkedInOpen the link in a new window
Title: LinkedInOpen the link in a new window
Search URL Search Domain Scan URL
URL: https://www.youtube.com/ups
Title: YouTubeOpen the link in a new window
Title: YouTubeOpen the link in a new window
Search URL Search Domain Scan URL
URL: https://www.ups.com/us/en/services/knowledge-center/longitudes-landing.page?articlesource=longitudes
Title: UPS Blog: Longitudes
Title: UPS Blog: Longitudes
Search URL Search Domain Scan URL
URL: https://www.ups.com/ppwa/doWork?loc=en_US
Title: Do Not Sell My Info
Title: Do Not Sell My Info
Search URL Search Domain Scan URL
URL: https://www.ups.com/us/en/help-center/legal-terms-conditions/privacy-notice.page
Title: Privacy Notice
Title: Privacy Notice
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 8- https://my-ups-team.com/img/icp.gif HTTP 301
- https://www.my-ups-team.com/img/icp.gif
- https://my-ups-team.com/ZaHCrMZsxk/SRmFnU/NBGi/1r9QVSfSamNY/ER9YcQE/aHNYe/gJBB1c HTTP 301
- https://www.my-ups-team.com/ZaHCrMZsxk/SRmFnU/NBGi/1r9QVSfSamNY/ER9YcQE/aHNYe/gJBB1c
- https://match.prod.bidr.io/cookie-sync/demandbase HTTP 303
- https://match.prod.bidr.io/cookie-sync/demandbase?_bee_ppp=1 HTTP 303
- https://segments.company-target.com/log?vendor=choca&user_id=AAEOS07HHhUAAB9TF2WKsQ HTTP 303
- https://segments.company-target.com/validateCookie?vendor=choca&user_id=AAEOS07HHhUAAB9TF2WKsQ&verifyHash=fb08a64ad08be78440e7f39243b2a0ec3dc30d8a
- https://id.rlcdn.com/464526.gif HTTP 307
- https://id.rlcdn.com/1000.gif?memo=CI6tHBoNCLaVvJwGEgUI6AcQAEIASgA HTTP 307
- https://segments.company-target.com/log?vendor=liveramp&user_id=Xc1297Trg4MIveJeDCBUpOHTEN3W_iQxrO-fpPjgV2U60vzbM HTTP 303
- https://segments.company-target.com/validateCookie?vendor=liveramp&user_id=Xc1297Trg4MIveJeDCBUpOHTEN3W_iQxrO-fpPjgV2U60vzbM&verifyHash=9006ff6a4275ac18c7fd71f9c0a54d48faffd9f1
- https://insight.adsrvr.org/track/up?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_US%26requester%3DST%2F&upid=3xdvk81&upv=1.1.0 HTTP 302
- https://match.adsrvr.org/track/upb/?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_US%26requester%3DST%2F&upid=3xdvk81&upv=1.1.0
- https://ib.adnxs.com/getuid?https%3a%2f%2fmatch.adsrvr.org%2ftrack%2fcmf%2fappnexus%3fttd%3d1%26anid%3d%24UID&ttd_tdid=bba093f2-b66b-44ad-ba4b-01efdabce344 HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253a%252f%252fmatch.adsrvr.org%252ftrack%252fcmf%252fappnexus%253fttd%253d1%2526anid%253d%2524UID%26ttd_tdid%3Dbba093f2-b66b-44ad-ba4b-01efdabce344 HTTP 302
- https://match.adsrvr.org/track/cmf/appnexus?ttd=1&anid=5361853467960723029&ttd_tdid=bba093f2-b66b-44ad-ba4b-01efdabce344
- https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm&google_sc&google_hm=YmJhMDkzZjItYjY2Yi00NGFkLWJhNGItMDFlZmRhYmNlMzQ0&gdpr=0&gdpr_consent=&ttd_tdid=bba093f2-b66b-44ad-ba4b-01efdabce344 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=TheTradeDesk&google_cm=&google_sc=&google_hm=YmJhMDkzZjItYjY2Yi00NGFkLWJhNGItMDFlZmRhYmNlMzQ0&gdpr=0&gdpr_consent=&ttd_tdid=bba093f2-b66b-44ad-ba4b-01efdabce344&google_tc= HTTP 302
- https://match.adsrvr.org/track/cmf/google?g_uuid=&gdpr=0&gdpr_consent=&ttd_tdid=bba093f2-b66b-44ad-ba4b-01efdabce344&google_gid=CAESEE7wf5hdXTLpgS9En1CFXow&google_cver=1
- https://ups.analytics.yahoo.com/ups/55953/sync?uid=bba093f2-b66b-44ad-ba4b-01efdabce344&_origin=1&redir=true&gdpr=0&gdpr_consent= HTTP 302
- https://ups.analytics.yahoo.com/ups/55953/sync?uid=bba093f2-b66b-44ad-ba4b-01efdabce344&_origin=1&redir=true&gdpr=0&gdpr_consent=&verify=true HTTP 302
- https://match.adsrvr.org/track/cmf/generic?ttd_pid=rightmedia&yahoo_id=y-oLBB7EpE2uJv_xmbzpt1eJbBUdNTcnE-~A&gdpr=0&gdpr_consent=
55 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
/
my-ups-team.com/JY742/ |
82 KB 16 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ups.vendor.54f3c2d83b58.css
www.ups.com/assets/resources/styles/ |
134 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ups.styles.eb36c144b5fd.css
www.ups.com/assets/resources/styles/ |
221 KB 89 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ups.modules.621ddd669ef2.css
www.ups.com/assets/resources/styles/ |
711 KB 61 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ups.widgets.6611168e8d14.css
www.ups.com/assets/resources/styles/ |
69 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ups.apps-utrk.de2c674dbb95.css
www.ups.com/assets/resources/styles/ |
74 KB 10 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ups.apps-simplified_tracking.65f764049554.css
www.ups.com/assets/resources/styles/ |
101 KB 12 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.9.1/ |
90 KB 33 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
UPS_logo.svg
www.ups.com/assets/resources/images/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icp.gif
www.my-ups-team.com/img/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
inqChatLaunch10005649.js
ups.inq.com/chatskins/launch/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ups.scripts.657f3e.js
www.ups.com/assets/resources/scripts/ |
329 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
gJBB1c
www.my-ups-team.com/ZaHCrMZsxk/SRmFnU/NBGi/1r9QVSfSamNY/ER9YcQE/aHNYe/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chatLoader.min.js
media-us1.digital.nuance.com/media/launch/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
validateCookie
segments.company-target.com/ Redirect Chain
|
0 327 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
validateCookie
segments.company-target.com/ Redirect Chain
|
26 B 409 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
92 KB 29 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
63 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ |
256 B 531 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
36 KB 36 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1fej9jqc8
embed.tawk.to/6130cb3c649e0a0a5cd44187/ |
2 KB 944 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
social.jpg
www.ups.com/assets/resources/images/ |
876 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nuance-chat.html
www.ups.com/nuance/ Frame 9D63 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
match.adsrvr.org/track/upb/ Frame 0ABF Redirect Chain
|
893 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
chatLoader.min.js
media-us1.digital.nuance.com/media/launch/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
universal_pixel.1.1.0.js
js.adsrvr.org/ Frame 0ABF |
487 B 987 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
appnexus
match.adsrvr.org/track/cmf/ Frame 445F Redirect Chain
|
70 B 596 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
google
match.adsrvr.org/track/cmf/ Frame 7160 Redirect Chain
|
70 B 595 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
generic
match.adsrvr.org/track/cmf/ Frame B592 Redirect Chain
|
70 B 596 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-main.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
121 B 361 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-vendor.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
76 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-vendors.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
206 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-common.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
192 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-runtime.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-app.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
151 B 385 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
widget-settings
va.tawk.to/v1/ |
3 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
start
va.tawk.to/v1/session/ |
994 B 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H2 |
start
va.tawk.to/v1/session/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
en.js
embed.tawk.to/_s/v4/app/637ddf31c8f/languages/ |
16 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-2c78ba82.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
7 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-696bc286.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
16 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-f1596d96.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-48f46bef.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
15 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-4fe9d5dd.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
942 B 714 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-2d0b9454.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
546 B 603 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-f163fcd0.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
twk-chunk-32507910.js
embed.tawk.to/_s/v4/app/637ddf31c8f/js/ |
72 KB 16 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
min-widget.css
embed.tawk.to/_s/v4/app/637ddf31c8f/css/ Frame BD52 |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
bubble-widget.css
embed.tawk.to/_s/v4/app/637ddf31c8f/css/ Frame 662C |
13 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
message-preview.css
embed.tawk.to/_s/v4/app/637ddf31c8f/css/ Frame 9789 |
37 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
max-widget.css
embed.tawk.to/_s/v4/app/637ddf31c8f/css/ Frame 6A9C |
74 KB 14 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
168-r-br.svg
embed.tawk.to/_s/v4/assets/images/attention-grabbers/ Frame 662C |
22 KB 6 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
tawk-font-icon-2.woff2
embed.tawk.to/_s/v4/assets/fonts/ Frame 662C |
10 KB 11 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ |
295 KB 39 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
OPTIONS H3 |
v3
va.tawk.to/log-performance/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
v3
va.tawk.to/log-performance/ |
5 B 280 B |
Fetch
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UPS (Transportation)72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontentvisibilityautostatechange function| $ function| jQuery string| expand string| collapse string| wems_country string| wems_locale string| wems_ext_locale string| wems_ts undefined| $location object| obj_live_chat string| alertsUrl string| rightRailLabel object| popularTerms object| jQuery191008729571117087409 function| executePlugins function| alignElementHeight function| getAccountInfoResponse function| getPagelink function| encode64 function| createChatURL function| checkIfCondition function| maxHeight undefined| thirdContFluid undefined| rightRail undefined| upsAuth undefined| authentication undefined| _instance undefined| index undefined| ariaExpanded undefined| addTrackingHistory undefined| processSuccessResponse undefined| processResponse undefined| urlParam undefined| queryParam undefined| cmeTrnscrptLnk undefined| arExpan undefined| pdCastCn undefined| arHid undefined| cmeFeedbackInit undefined| upsCmeSubNavInit undefined| mostRecentInit undefined| recentCategoryInit undefined| tableInit object| $head object| Tawk_API object| Tawk_LoadStart string| $_Tawk_AccountKey string| $_Tawk_WidgetId boolean| $_Tawk_Unstable object| $_Tawk object| __webpack_exports__ function| evaluateLegacySettings function| wrapWithTryCatch function| secureProtocol function| getParentV3LanderConfig function| loadChat object| v3Lander object| v3LanderConfig object| tawkJsonp function| $__TawkEngine function| EventEmitter function| $__TawkSocket object| Tawk_Window object| emojione15 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .rlcdn.com/ | Name: rlas3 Value: oqHiq6BFeAGT8ksMQU7zqdMAyBQHa020oVbq43KfcuQ= |
|
| .bidr.io/ | Name: bito Value: AAEOS07HHhUAAB9TF2WKsQ |
|
| .bidr.io/ | Name: bitoIsSecure Value: ok |
|
| .rlcdn.com/ | Name: pxrc Value: CLaVvJwGEgUI6AcQABIGCMrdKhAA |
|
| .company-target.com/ | Name: tuuid_lu Value: 1670318775 |
|
| .company-target.com/ | Name: tuuid Value: 3aaf0cd3-1324-4adc-b933-b2a059956a18 |
|
| .adsrvr.org/ | Name: TDID Value: bba093f2-b66b-44ad-ba4b-01efdabce344 |
|
| .adnxs.com/ | Name: uuid2 Value: 5361853467960723029 |
|
| .yahoo.com/ | Name: A3 Value: d=AQABBLcKj2MCEFZ2rMXaxyYOMqYEkdqiVpIFEgEBAQFckGOYYwAAAAAA_eMAAA&S=AQAAAsd-_TPqnN4Co5kuvFVJsTM |
|
| .analytics.yahoo.com/ | Name: IDSYNC Value: 1769~28ox |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUkXdmaNxS0w0Ah-fuMRC1ORYdu_SLF79gWi3r-BO0T2g1uSnXrkfTdgRXcjSq8 |
|
| .adsrvr.org/ | Name: TDCPM Value: CAESFwoIYXBwbmV4dXMSCwiGj6rMvt2rOxAFEhUKBmdvb2dsZRILCMiFss2-3as7EAUSGQoKcmlnaHRtZWRpYRILCObxwMq-3as7EAUYBSADKAMyCwjm6cP31N2rOxAFQhYiFAgBEhAKDHN1cHBseXZlbmRvchABWgdiaGlwYzNyYAE. |
|
| my-ups-team.com/ | Name: twk_idm_key Value: mvUDWZJ1OTKkObc3Y2TwZ |
|
| my-ups-team.com/ | Name: TawkConnectionTime Value: 0 |
|
| .my-ups-team.com/ | Name: twk_uuid_6130cb3c649e0a0a5cd44187 Value: %7B%22uuid%22%3A%221.WroriQgEZEjY4Skd32hCcm4QIiWm3NwMo3wUSoYj3eGarfcXXJnMoSdzSfQjDQWPkw8W7gWe9c0B3Wj84mucRTOJLgC3KK4Qoh4aKOHWj0jjmc7RPD2UuFf43%22%2C%22version%22%3A3%2C%22domain%22%3A%22my-ups-team.com%22%2C%22ts%22%3A1670318776829%7D |
3 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
ajax.googleapis.com
cdn.jsdelivr.net
cm.g.doubleclick.net
embed.tawk.to
ib.adnxs.com
id.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
match.adsrvr.org
match.prod.bidr.io
media-us1.digital.nuance.com
my-ups-team.com
segments.company-target.com
siteintercept.qualtrics.com
ups.analytics.yahoo.com
ups.inq.com
va.tawk.to
www.my-ups-team.com
www.ups.com
104.17.209.240
13.33.60.37
142.250.80.98
143.204.138.162
173.223.57.246
199.33.112.228
2606:4700:10::6816:1983
2606:4700:10::ac43:2642
2606:4700::6810:5714
2607:f8b0:4006:80f::200a
2620:1ec:4b::23
35.190.60.146
35.71.131.137
52.177.241.160
52.45.33.138
54.146.152.111
68.67.160.114
0c1c11e6d9b00df8a81a816d2f9789c3ad63910f550eb1af108d2f241c77c9ae
13073fa3d696481456c39a623f5fbc7943ed5d190e147642354ac92e1a823dfd
13cf82e6f9d48221cd55f8b3c3d206f7bdb83f291034b478e484ccfef7d500dd
1ccda18c57b7e53f20d76a5cf4298b5b690b7d3370d27bf06be7f569fe0c41bd
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
299a4f2bad31c68a87c725376227e4e71d3fa3be5ac21776509b6a526bfd603b
2ab0401a81986ed0a4c79a5ec3c0d3c4ac577dafec0322ab84d4ea8a76d821cb
2f56f47d64037d5aa3a96b50c840580e5549fee6f9fafff8af3d1821d189fa5c
342a2bfec06de8c181b8b8f146dc2fba5886fec9d77f94aee3accc51146990da
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
45e8aa7ebbca7aa7be5e368b6b3bbb80c5f10fdccadfe603d9126c151991d022
48126b4a0cc388ba014594d6d64a6c6c6bb1c0ea145bb1c3c2b1da1a514e4a5c
49503a9789095738a02465e740b3e50c033a732608e83375b8109886de5c35a6
49b885848ef51766146896582e900786e12849a32c9686d8068663de56d2b4f4
5108ef00c54e1f6ce859852834135447457cf19ee19aa7b0fb55b64b425cb526
544039b2ff06226afd008c3625818bbfe76a2598d7159145d06965afaf4f09de
5958b8f2069b0a3292ed7a9db46b8109adac7e81591238557125893ee7e87bb7
60d8bbf94b68eb5dff990ba0a61b5a4af8f2ed0cfd4a0dbf8de598658cebc6c5
654d5153e9271fb0cf77a967a37cb4e615a1f911a9957f747f395d824d0cca44
663028e7a6e8b469483d28f1b38a593e73623ae4e95eebdef03eecc014da0316
6d510d7d2266769c4b312b4db0fc12e180db9c5ef2d75926c5b8f23543788aba
705186becc9e0a306a6b4867ae2768aa9dd3b8c12393d9f9c52029e9a6fcf31c
738f90cd935b00f835ed3d25668c4c5f02e85f8d15087b94b8b6d3667d063593
83bf5bc596982a4f75467e476f78e856ac970915731fb11c7115f5feaac5027b
848a39e2c4b55bf618083b7c16134111b9078b904df733eeb105b352659fd195
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ea95ad5c8b1c5de01a4a647ba43f1d82e0e94337b17995abaa29a6dc7d5bffc
933b971c6388d594a23fa1559825db5bec8ade2db1240aa8fc9d0c684949e8c9
97ca66991150a4c1263837600fe4338f33d96b74979cd7740ab07d22b883b8e0
9c86af70b144452f6ba19b963d766da7ea8e631dfc0ac6d2461685fa9b123d4e
a416370f6f98339e7edf9fe2c70a45bf9cfba93c0520921db47d15c27934ba88
b959ad2221d60430f98667e34f19ac4830d2a4e82d086aafec1d1c92aaf1a9bc
bb13cb50e0d174717b078200f51b397e6dd8e3b050169a445ca8fb3783073331
c12f6098e641aaca96c60215800f18f5671039aecf812217fab3c0d152f6adb4
c41b0c2c06d41f505280bb0ac13af0f0428635605d04fc616f3b364e57bcbeea
c95f5aecceb31d60c86401ec1adb4f3e21938a0d903c6c8ea829b633e2ac4f5e
daaffcd4a4c302f2a38f9dc175eab753666b4a5ec239bc080ac39cc5c526db0d
dc9b8766ba1ad9df5f06c2da364ce4736551d12b4f3878ff78f9fd8a4079ba41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e924ffe8bcc65483510a22a7286bd6d4d204e72ffe5927eec50158f7a7be50c0
ef7538e750f39d405c769e0d0051573d65bdf2cc25a2da17fb2c11c763cec68f
f08b0bfc5ca2e4fb4d2befa761a291c460279d018754531c1ed73fcb8bbd83b6
f4d4fcb3cdd9f021bca50bedb83de05b77fd23b3c98ad36b103fea8c0744ea71
f58100f6119cb35d26e4e8fc3775499feef71ae7a1c75feebc8e5d7c575ebdf2
f5c06455e539dcd889f7f05d709b5adc76c444099fe57f431365af2fc57e803b
f6d7e9dafd1ec463ecd0c6b20f170400dd15afe81c71dea50771550df2f83ffc
fc129f67c34d70578dc66a2ac6be2d44011eab5a05077797b8e56dbc2f2c9867
ff829c034ce4af1a1e2600ad8acf15c7cccfde10d7f250983deea1ff743fc880