ups-redeliver.com
Open in
urlscan Pro
2606:4700:3030::ac43:8a85
Malicious Activity!
Public Scan
Submitted URL: https://ups-redeliver.com/
Effective URL: https://ups-redeliver.com/track?loc=en_gb&tracknum=gfjfKA6LmB&secure=true&time=1624896421&Requester=NS/trackdetails
Submission Tags: 7202713
Submission: On June 28 via api from NL
Effective URL: https://ups-redeliver.com/track?loc=en_gb&tracknum=gfjfKA6LmB&secure=true&time=1624896421&Requester=NS/trackdetails
Submission Tags: 7202713
Submission: On June 28 via api from NL
Summary
This website contacted 18 IPs
in 3 countries
across 14 domains to perform 49 HTTP transactions.
The main IP is 2606:4700:3030::ac43:8a85, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is ups-redeliver.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2021. Valid for: a year.
This is the only time ups-redeliver.com was scanned on urlscan.io!
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 25th 2021. Valid for: a year.
This is the only time ups-redeliver.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: UPS (Transportation)Domain & IP information
1
209.197.3.16
(United States)
ASN20446 (HIGHWINDS3, US)
PTR: vip0x010.map2.ssl.hwcdn.net
ASN20446 (HIGHWINDS3, US)
PTR: vip0x010.map2.ssl.hwcdn.net
| cdn5.userzoom.com |
2
2a03:2880:f01c:8012:face:b00c:0:3
(Frankfurt am Main, Germany)
ASN32934 (FACEBOOK, US)
ASN32934 (FACEBOOK, US)
| connect.facebook.net |
23
104.84.57.177
(Frankfurt am Main, Germany)
ASN16625 (AKAMAI-AS, US)
PTR: a104-84-57-177.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a104-84-57-177.deploy.static.akamaitechnologies.com
| www.ups.com |
2
2a00:1450:4001:82f::2008
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| www.googletagmanager.com |
2
142.250.184.194
(United States)
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net
| www.googleadservices.com |
3
2620:1ec:48::44
(United States)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
| media-us1.digital.nuance.com |
3
142.250.185.198
(United States)
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net
| 6451349.fls.doubleclick.net |
1
52.50.64.214
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-64-214.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-64-214.eu-west-1.compute.amazonaws.com
| insight.adsrvr.org |
2
2a00:1450:4001:810::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| adservice.google.com | |
| adservice.google.de |
1
2a00:1450:4001:80f::2002
(Frankfurt am Main, Germany)
ASN15169 (GOOGLE, US)
ASN15169 (GOOGLE, US)
| googleads.g.doubleclick.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 23 |
ups.com
2 redirects
www.ups.com |
403 KB |
| 4 |
doubleclick.net
1 redirects
6451349.fls.doubleclick.net googleads.g.doubleclick.net |
2 KB |
| 3 |
qualtrics.com
siteintercept.qualtrics.com |
46 KB |
| 3 |
nuance.com
media-us1.digital.nuance.com |
5 KB |
| 3 |
youtube.com
www.youtube.com |
85 KB |
| 2 |
google.de
1 redirects
adservice.google.de www.google.de |
814 B |
| 2 |
google.com
adservice.google.com www.google.com |
594 B |
| 2 |
go-mpulse.net
s.go-mpulse.net c.go-mpulse.net |
50 KB |
| 2 |
googleadservices.com
www.googleadservices.com |
31 KB |
| 2 |
googletagmanager.com
www.googletagmanager.com |
68 KB |
| 2 |
facebook.net
connect.facebook.net |
99 KB |
| 2 |
ups-redeliver.com
1 redirects
ups-redeliver.com |
22 KB |
| 1 |
adsrvr.org
insight.adsrvr.org |
182 B |
| 1 |
userzoom.com
cdn5.userzoom.com |
495 B |
| 49 | 14 |
| Domain | Requested by | |
|---|---|---|
| 23 | www.ups.com |
2 redirects
ups-redeliver.com
www.ups.com |
| 3 | 6451349.fls.doubleclick.net |
1 redirects
ups-redeliver.com
adservice.google.com |
| 3 | siteintercept.qualtrics.com |
ups-redeliver.com
|
| 3 | media-us1.digital.nuance.com |
ups-redeliver.com
|
| 3 | www.youtube.com |
ups-redeliver.com
www.youtube.com |
| 2 | www.googleadservices.com |
ups-redeliver.com
6451349.fls.doubleclick.net |
| 2 | www.googletagmanager.com |
ups-redeliver.com
|
| 2 | connect.facebook.net |
ups-redeliver.com
|
| 2 | ups-redeliver.com | 1 redirects |
| 1 | www.google.de |
6451349.fls.doubleclick.net
|
| 1 | www.google.com |
6451349.fls.doubleclick.net
|
| 1 | googleads.g.doubleclick.net |
www.googleadservices.com
|
| 1 | adservice.google.de | 1 redirects |
| 1 | c.go-mpulse.net |
s.go-mpulse.net
|
| 1 | adservice.google.com |
6451349.fls.doubleclick.net
|
| 1 | insight.adsrvr.org |
ups-redeliver.com
|
| 1 | s.go-mpulse.net |
ups-redeliver.com
|
| 1 | cdn5.userzoom.com |
ups-redeliver.com
|
| 49 | 18 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.ups.com |
| wwwapps.ups.com |
| about.ups.com |
| www.investors.ups.com |
| www.jobs-ups.com |
| upscapital.com |
| www.translations.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2021-06-25 - 2022-06-24 |
a year | crt.sh |
| manager.userzoom.com DigiCert SHA2 Extended Validation Server CA |
2021-05-20 - 2022-06-20 |
a year | crt.sh |
| *.facebook.com DigiCert SHA2 High Assurance Server CA |
2021-05-26 - 2021-08-24 |
3 months | crt.sh |
| www.ups.com COMODO RSA Organization Validation Secure Server CA |
2020-05-29 - 2022-05-29 |
2 years | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2021-05-31 - 2021-08-23 |
3 months | crt.sh |
| www.googleadservices.com GTS CA 1C3 |
2021-05-31 - 2021-08-23 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2021-05-31 - 2021-08-23 |
3 months | crt.sh |
| *.digital.nuance.com Go Daddy Secure Certificate Authority - G2 |
2019-09-17 - 2021-11-16 |
2 years | crt.sh |
| *.qualtrics.com DigiCert SHA2 Secure Server CA |
2020-10-26 - 2021-11-26 |
a year | crt.sh |
| akstat.io DigiCert SHA2 Secure Server CA |
2021-06-08 - 2022-06-13 |
a year | crt.sh |
| *.doubleclick.net GTS CA 1C3 |
2021-05-31 - 2021-08-23 |
3 months | crt.sh |
| *.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2021-03-18 - 2022-04-19 |
a year | crt.sh |
| *.googleadservices.com GTS CA 1C3 |
2021-05-31 - 2021-08-23 |
3 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2021-05-31 - 2021-08-23 |
3 months | crt.sh |
| www.google.de GTS CA 1C3 |
2021-05-31 - 2021-08-23 |
3 months | crt.sh |
This page contains 7 frames:
Primary Page:
https://ups-redeliver.com/track?loc=en_gb&tracknum=gfjfKA6LmB&secure=true&time=1624896421&Requester=NS/trackdetails
Frame ID: D60EB06D2DE3A716B38979BBAD548672
Requests: 39 HTTP requests in this frame
Frame:
https://s.go-mpulse.net/boomerang/TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
Frame ID: 7A137DF7363540922E6BCE84065CE473
Requests: 2 HTTP requests in this frame
Frame:
https://www.ups.com/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0
Frame ID: 663486AC43F299D8F172B9C4005F6A33
Requests: 1 HTTP requests in this frame
Frame:
https://6451349.fls.doubleclick.net/activityi;dc_pre=CO6Q0fDauvECFdwTBgAdFK4GiA;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D1zw7v3166891519145%26Requester%3DNS%2Ftrackdetails
Frame ID: 972C1BA6EF613B3060971192D5650E54
Requests: 1 HTTP requests in this frame
Frame:
https://insight.adsrvr.org/track/up?adv=bhipc3r&ref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D1zw7v3166891519145%26Requester%3DNS%2Ftrackdetails&upid=3xdvk81&upv=1.1.0
Frame ID: EDB28FAB9A1AFE4D343A83849DE608E5
Requests: 1 HTTP requests in this frame
Frame:
https://adservice.google.com/ddm/fls/i/dc_pre=CO6Q0fDauvECFdwTBgAdFK4GiA;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D1zw7v3166891519145%26Requester%3DNS%2Ftrackdetails
Frame ID: 4E2788F70F4F56B644EEE24EFC760883
Requests: 1 HTTP requests in this frame
Frame:
https://6451349.fls.doubleclick.net/ddm/fls/r/dc_pre=CO6Q0fDauvECFdwTBgAdFK4GiA;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D1zw7v3166891519145%26Requester%3DNS%2Ftrackdetails
Frame ID: 663F3AF4FB11FA50D49A16448745F564
Requests: 5 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://ups-redeliver.com/
HTTP 302
https://ups-redeliver.com/track?loc=en_gb&tracknum=gfjfKA6LmB&secure=true&time=1624896421&Requester=NS... Page URL
Detected technologies
CloudFlare
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^cloudflare$/i
Facebook
(Widgets)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i
Page Statistics
54 Outgoing links
These are links going to different origins than the main page.
URL: https://www.ups.com/gb/en/service-alerts.page?id=alert3
Title: … More
Title: … More
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/service-alerts.page?id=alert1
Title: … More
Title: … More
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/service-alerts.page?id=alert2
Title: … More
Title: … More
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/Home.page
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.ups.com/lasso/login?loc=en_GB&returnto=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_GB%26Requester%3Dlasso
Title: Log in / Sign up
Title: Log in / Sign up
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-support-center.page
Title: Customer Support
Title: Customer Support
Search URL Search Domain Scan URL
URL: https://www.ups.com/dropoff?loc=en_GB
Title: Locations
Title: Locations
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/Home.page?loc=en_GB
Title: United Kingdom - English
Title: United Kingdom - English
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/global.page
Title: Select Another Country or Territory
Title: Select Another Country or Territory
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/get-started-with-ups.page
Title: Get Started with UPS
Title: Get Started with UPS
Search URL Search Domain Scan URL
URL: https://www.ups.com/ship?loc=en_GB
Title: Ship
Title: Ship
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/ctc/request?loc=en_GB
Title: Quote
Title: Quote
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/w1-location-finder-page.page?quickStart=true&widget=locationFinder
Title: Locations
Title: Locations
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/billing-payment.page
Title: View & Pay Bill
Title: View & Pay Bill
Search URL Search Domain Scan URL
URL: https://www.ups.com/track?loc=en_GB
Title: Track & Track History
Title: Track & Track History
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/sri/tracking/change-delivery.page
Title: Change Delivery
Title: Change Delivery
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/tracking/quantum-view.page
Title: Manage Inbound/Outbound Deliveries: Quantum View - for Large Enterprise Businesses
Title: Manage Inbound/Outbound Deliveries: Quantum View - for Large Enterprise Businesses
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/tracking.page
Title: Explore All Tracking
Title: Explore All Tracking
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/tracking/mychoice.page
Title: Explore Managing Home Deliveries
Title: Explore Managing Home Deliveries
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/tracking/my-choice-for-business.page
Title: Explore Managing Business Deliveries
Title: Explore Managing Business Deliveries
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/pickup/schedule?loc=en_GB
Title: Schedule a Parcel Collection
Title: Schedule a Parcel Collection
Search URL Search Domain Scan URL
URL: https://www.ups.com/marketplaceshipping/order?loc=en_GB
Title: Manage Online Orders: Marketplace Shipping
Title: Manage Online Orders: Marketplace Shipping
Search URL Search Domain Scan URL
URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAReturn___StartSession&loc=en_GB
Title: Create a Return
Title: Create a Return
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/shipping.page
Title: Explore All Shipping
Title: Explore All Shipping
Search URL Search Domain Scan URL
URL: https://www.ups.com/ship/history?loc=en_GB
Title: View Shipping History
Title: View Shipping History
Search URL Search Domain Scan URL
URL: https://www.ups.com/ship/batchupload
Title: Batch File Shipping
Title: Batch File Shipping
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/international-shipping.page
Title: International Shipping
Title: International Shipping
Search URL Search Domain Scan URL
URL: https://www.ups.com/uis/create?ActionOriginPair=CreateAnImport___StartSession&loc=en_GB
Title: Create Import: UPS Import Control
Title: Create Import: UPS Import Control
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/tradeability?loc=en_GB
Title: International Toolset: UPS TradeAbility
Title: International Toolset: UPS TradeAbility
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/shipping/international/services.page
Title: Service Guide
Title: Service Guide
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/packaging-and-supplies.page
Title: Order Supplies
Title: Order Supplies
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services.page
Title: Discover UPS Services
Title: Discover UPS Services
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/shipping.page
Title: Shipping
Title: Shipping
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/billing.page
Title: Billing
Title: Billing
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/contract-logistics.page
Title: Contract Logistics
Title: Contract Logistics
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/technology-integration.page
Title: Integrating UPS Technology
Title: Integrating UPS Technology
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/individual-shipper.page
Title: Individual Shipper
Title: Individual Shipper
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/services/small-business.page
Title: Small Business
Title: Small Business
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/get-started-with-ups.page
Title: Get Started with UPS
Title: Get Started with UPS
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/claims-support.page
Title: Claims Support
Title: Claims Support
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/ppc/ppc.html?loc=en_GB#/profilePage
Title: My Profile
Title: My Profile
Search URL Search Domain Scan URL
URL: https://wwwapps.ups.com/emailEnrollment/signIn?loc=en_GB
Title: Communication Preferences
Title: Communication Preferences
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/about.page
Title: About UPS
Title: About UPS
Search URL Search Domain Scan URL
URL: https://about.ups.com/be/en/newsroom.html
Title: Media Relations Open the link in a new window
Title: Media Relations Open the link in a new window
Search URL Search Domain Scan URL
URL: http://www.investors.ups.com/
Title: Investor Relations Open the link in a new window
Title: Investor Relations Open the link in a new window
Search URL Search Domain Scan URL
URL: https://www.jobs-ups.com/location
Title: CareersOpen the link in a new window
Title: CareersOpen the link in a new window
Search URL Search Domain Scan URL
URL: https://about.ups.com/be/en/social-impact.html
Title: Sustainability & Community Involvement Open the link in a new window
Title: Sustainability & Community Involvement Open the link in a new window
Search URL Search Domain Scan URL
URL: https://upscapital.com/gb-en/
Title: UPS Capital Open the link in a new window
Title: UPS Capital Open the link in a new window
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/legal-terms-conditions/fight-fraud.page
Title: Protect Against Fraud
Title: Protect Against Fraud
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/legal-terms-conditions/service.page
Title: Service Terms and Conditions
Title: Service Terms and Conditions
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/legal-terms-conditions/website.page
Title: Website Terms of Use
Title: Website Terms of Use
Search URL Search Domain Scan URL
URL: https://www.ups.com/assets/resources/media/en_GB/modern-slavery-statement.pdf
Title: Modern Slavery Statement Open the link in a new window
Title: Modern Slavery Statement Open the link in a new window
Search URL Search Domain Scan URL
URL: https://www.ups.com/gb/en/help-center/legal-terms-conditions/privacy-notice.page
Title: Privacy Notice Open the link in a new window
Title: Privacy Notice Open the link in a new window
Search URL Search Domain Scan URL
URL: http://www.translations.com/
Title: Powered By OneLink
Title: Powered By OneLink
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://ups-redeliver.com/
HTTP 302
https://ups-redeliver.com/track?loc=en_gb&tracknum=gfjfKA6LmB&secure=true&time=1624896421&Requester=NS/trackdetails Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3- https://www.ups.com//zn1gqrxzvrld7vjwm-upscx.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_1GqrxzvRld7vjWm&Q_LOC=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D1zw7v3166891519145%26Requester%3DNS%2Ftrackdetails HTTP 302
- https://www.ups.com/error.page HTTP 302
- https://www.ups.com/us/en/error.page
- https://6451349.fls.doubleclick.net/activityi;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D1zw7v3166891519145%26Requester%3DNS%2Ftrackdetails HTTP 302
- https://6451349.fls.doubleclick.net/activityi;dc_pre=CO6Q0fDauvECFdwTBgAdFK4GiA;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D1zw7v3166891519145%26Requester%3DNS%2Ftrackdetails
- https://adservice.google.de/ddm/fls/i/dc_pre=CO6Q0fDauvECFdwTBgAdFK4GiA;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D1zw7v3166891519145%26Requester%3DNS%2Ftrackdetails HTTP 302
- https://6451349.fls.doubleclick.net/ddm/fls/r/dc_pre=CO6Q0fDauvECFdwTBgAdFK4GiA;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D1zw7v3166891519145%26Requester%3DNS%2Ftrackdetails
49 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H3-29 |
Primary Request
track
ups-redeliver.com/ Redirect Chain
|
204 KB 21 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
QzI2OFQxMjQg.js
cdn5.userzoom.com/files/js/ |
4 B 495 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
286726385262010
connect.facebook.net/signals/config/ |
261 KB 74 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fbevents.js
connect.facebook.net/en_US/ |
94 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
error.page
www.ups.com/us/en/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
84 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
conversion_async.js
www.googleadservices.com/pagead/ |
36 KB 14 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
www-widgetapi.js
www.youtube.com/s/player/997fe684/www-widgetapi.vflset/ |
126 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up_loader.1.1.0.js
www.ups.com//js.adsrvr.org/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
87 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iframe_api
www.youtube.com/ |
980 B 884 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utag.js
www.ups.com//tags.tiqcdn.com/utag/ups/maestro/prod/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ups.vendor.55f92d.js
www.ups.com/assets/resources/scripts/vendor/ |
457 KB 129 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ups.vendor.54f3c2d83b58.css
www.ups.com/assets/resources/styles/ |
134 KB 23 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ups.styles.eb36c144b5fd.css
www.ups.com/assets/resources/styles/ |
221 KB 98 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ups.modules.53d339e7398f.css
www.ups.com/assets/resources/styles/ |
711 KB 80 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ups.widgets.6611168e8d14.css
www.ups.com/assets/resources/styles/ |
69 KB 9 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ups.apps-utrk.0507c7a06e09.css
www.ups.com/assets/resources/styles/ |
74 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ups.apps-simplified_tracking.17c4aa6cf9bb.css
www.ups.com/assets/resources/styles/ |
99 KB 15 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modernizr.fce41f.js
www.ups.com/assets/resources/scripts/vendor/ |
21 KB 8 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink.css
www.ups.com/_onelink_/ups/sites/www.ups.com/ |
174 B 770 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink.css
www.ups.com/_onelink_/ups/sites/www.ups.com/en2engb/ |
211 B 730 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ClientPage.css
media-us1.digital.nuance.com/media/sites/10005649/flash///UPS-2020-CARE-DT-UK_EN/ |
17 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
UPS_logo.svg
www.ups.com/assets/resources/images/ |
2 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
icp.gif
www.ups.com/img/ |
43 B 596 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
styles.7d4255341a2c49ba8357.bundle.css
www.ups.com/track/client/ |
259 B 781 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onelink-csx.js
www.ups.com/_onelink_/ups/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
U3Pl9NAzs
www.ups.com/JARCdAzhM/93XT/IY_Ag/OJJ5mh0kL7GO/SyYxWAA-BA/eS/ |
77 KB 20 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ResizeCorner.gif
media-us1.digital.nuance.com/media/sites/10005649/flash/UPS-2020-CARE-DT-UK_EN/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
clear.gif
media-us1.digital.nuance.com/media/sites/10005649/flash/UPS-2020-CARE-DT-UK_EN/ |
43 B 390 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CoreModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
92 KB 27 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FeedbackButtonModule.js
siteintercept.qualtrics.com/dxjsmodule/ |
51 KB 18 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
wr-dialog-close-btn-black.png
siteintercept.qualtrics.com/WRQualtricsShared/Graphics/siteintercept/ |
256 B 777 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
up_loader.1.1.0.js
www.ups.com//js.adsrvr.org/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
www-widgetapi.js
www.youtube.com/s/player/11aba956/www-widgetapi.vflset/ |
125 KB 42 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
utag.js
www.ups.com//tags.tiqcdn.com/utag/ups/maestro/prod/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
TADEN-6MDCS-UHH5M-YHPKQ-2GBH3
s.go-mpulse.net/boomerang/ Frame 7A13 |
205 KB 49 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
36 KB 36 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
U3Pl9NAzs
www.ups.com/JARCdAzhM/93XT/IY_Ag/OJJ5mh0kL7GO/SyYxWAA-BA/eS/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
nuance-chat.html
www.ups.com/nuance/ Frame 6634 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
activityi;dc_pre=CO6Q0fDauvECFdwTBgAdFK4GiA;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26t...
6451349.fls.doubleclick.net/ Frame 972C Redirect Chain
|
562 B 462 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
up
insight.adsrvr.org/track/ Frame EDB2 |
0 182 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CO6Q0fDauvECFdwTBgAdFK4GiA;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D...
adservice.google.com/ddm/fls/i/ Frame 4E27 |
561 B 530 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.json
c.go-mpulse.net/api/ Frame 7A13 |
68 B 346 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
dc_pre=CO6Q0fDauvECFdwTBgAdFK4GiA;src=6451349;type=sitev;cat=upsal0;ord=976368047718;gtm=2od690;auiddc=1131206674.1623836179;ps=1;~oref=https%3A%2F%2Fwww.ups.com%2Ftrack%3Floc%3Den_gb%26tracknum%3D...
6451349.fls.doubleclick.net/ddm/fls/r/ Frame 663F Redirect Chain
|
703 B 472 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
conversion.js
www.googleadservices.com/pagead/ Frame 663F |
44 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/863311277/ Frame 663F |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3-29 |
/
www.google.com/pagead/1p-user-list/863311277/ Frame 663F |
42 B 64 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
www.google.de/pagead/1p-user-list/863311277/ Frame 663F |
42 B 108 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
U3Pl9NAzs
www.ups.com/JARCdAzhM/93XT/IY_Ag/OJJ5mh0kL7GO/SyYxWAA-BA/eS/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- www.ups.com
- URL
- https://www.ups.com/JARCdAzhM/93XT/IY_Ag/OJJ5mh0kL7GO/SyYxWAA-BA/eS/U3Pl9NAzs
- Domain
- www.ups.com
- URL
- https://www.ups.com/JARCdAzhM/93XT/IY_Ag/OJJ5mh0kL7GO/SyYxWAA-BA/eS/U3Pl9NAzs
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: UPS (Transportation)98 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| scriptUrl object| ttPolicy object| YT object| YTConfig function| onYTReady object| utag_data function| _toConsumableArray function| _slice function| $ function| jQuery object| H5F object| ParsleyExtend object| ParsleyConfig object| psly object| Parsley object| ParsleyUtils object| ParsleyValidator object| ParsleyUI object| parsley object| html5 object| Modernizr string| BOOMR_API_key object| BOOMR number| BOOMR_lstart object| google_tag_manager object| dataLayer function| GooglemKTybQhCsO function| google_trackConversion object| yt function| ytDomDomGetNextId object| ytEventsEventsListeners object| ytEventsEventsCounter object| ytPubsubPubsubInstance object| ytPubsubPubsubTopicToKeys object| ytPubsubPubsubIsSynchronous object| ytPubsubPubsubSubscribedKeys object| ytLoggingTransportGELQueue_ object| ytLoggingTransportTokensToCttTargetIds_ object| ytLoggingGelSequenceIdObj_ object| ytglobal object| ytPubsub2Pubsub2Instance object| ytPubsub2Pubsub2SubscribedKeys object| ytPubsub2Pubsub2TopicToKeys object| ytPubsub2Pubsub2IsAsync object| ytPubsub2Pubsub2SkipSubKey string| expand string| collapse string| wems_country string| wems_locale string| wems_ext_locale string| wems_ts undefined| $location object| obj_live_chat string| alertsUrl string| rightRailLabel object| popularTerms undefined| siiDialog string| g_sOtxAccount string| g_sOtxService function| g_oObserveDOM function| ModifyObject function| OneLinkAPICall function| OneLinkSortCall function| ObjectAlreadyModified function| OneLinkGlobalInit object| _ac object| _cf object| bmak number| bm_counter object| bm_script undefined| scripts string| bm_url object| url_split string| obfus_state_field string| state_field_str string| _sd_trace function| op object| __core-js_shared__ object| core object| BOOMR_mq number| BOOMR_onload2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .doubleclick.net/ | Name: IDE Value: AHWqTUnFrjBKU51G75O3LevpGa80yWQUVE1Lm4iAcYswMNzfJ1lMbx9A4aoU-goNesQ |
|
| ups-redeliver.com/ | Name: PHPSESSID Value: 77db019232473a70dcd4574d82ceaabc |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| X-Content-Type-Options | nosniff |
| X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
6451349.fls.doubleclick.net
adservice.google.com
adservice.google.de
c.go-mpulse.net
cdn5.userzoom.com
connect.facebook.net
googleads.g.doubleclick.net
insight.adsrvr.org
media-us1.digital.nuance.com
s.go-mpulse.net
siteintercept.qualtrics.com
ups-redeliver.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.ups.com
www.youtube.com
www.ups.com
104.17.208.240
104.84.57.177
142.250.184.194
142.250.185.198
209.197.3.16
2606:4700:3030::ac43:8a85
2620:1ec:48::44
2a00:1450:4001:808::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2008
2a00:1450:4001:830::200e
2a02:26f0:6c00:19c::11a6
2a02:26f0:6c00:2b9::11a6
2a03:2880:f01c:8012:face:b00c:0:3
52.50.64.214
0130f0f5a7d2a1791fa84865db5b7f9cdcac4b0a4fbe90fef182164b65c00343
09ebd7f407439990aac227e70da23e1a819e8e30282928e324370805f480bec4
0f506a0bf099d96a1f34c7c23cb74929b8fa381d4114509f9aef2273f2c852b3
1c979e1a7ccd5dfb380d99b6190410a869f2341fd916d1cf78b72c48a227c34d
2547640cd989b80083eb3ade2a4993c1776a1229cfffd41adeb0fef3e86eaf2b
3217a6955b600825965f424d1cf73bc156ade880bcb4e16760cfe1771e2da89e
45e8aa7ebbca7aa7be5e368b6b3bbb80c5f10fdccadfe603d9126c151991d022
5529d1ed04800cac5025e16a8131f240b84e209b54ed9649fa455f90e0e6d276
59559979bbbd9072aee1a8a3a16c2bbb9a744ba0d0800b8ec676edb8a1078917
60d8bbf94b68eb5dff990ba0a61b5a4af8f2ed0cfd4a0dbf8de598658cebc6c5
6216350f8f0b2a5db239a96a6df67af9ac4db6fcbbd468f00fa41bfeb0f2249b
62b25592dbae1a88cc8a7a966833f5dcf96db9c607bbeb2b94f85257f6bae0d4
630c46cee50a16dce8b108b804eebb76bb20b8488f87b013cf9a5e14f7eaa095
6c7e5522fc36167be8cc4aa9374770dcd65e91eab085379f036c89498b247910
6cf7b445e7fa6bdc5b78ec5fa3726ce87f6ba7c0049ee89949253ad435c2b884
717b9ba383577e262e1d283c7e78707ec885da62d8ba51430532b265e1a12ede
7321405d9f85515e7f01864c7b0c71b85f674f5fa6b73a18ff7679f81337abe8
7759c48f08377f47b191fa94bd3cacbae1d813409f410a9f98b970940c39f0d6
7923c5df4689d8e2b03d4b24349057eb7415f9d70b6cd91975fd19814b402821
79fcef7a0549ef72c11fc65e27b2e6bb1194eab7d9717980091bc577cfb9b73f
7b38222a9a8c068b87c941bbe1614c91231a40a1242c8c50b00c6f6a996e8f59
7fc3967cd5687896e37cfe00fde9508934c3abb171dafe6ba3706b38b6ca36cb
821b95ba5d30e8a56f1001b8b53e6f757d686d61125440cd8cbff8e95d1b96aa
832d2c5d559a32f0002a2e1452f2c7572aeb8b65648e2883b3d1da4bf56cc82a
8cc40f469a084bf75b0d3abf378ee37da090f147bcf062c3adfe590278f2d6fd
90e0e16216b67855eae2ec584ab1698eeb46cfcbe3ea69c03dbcc3314b6c7f77
9140856dade41b5dbb449d64a978e3d6a1731826e8b44c5483fe0b7b40d1a4d0
92bd24374fb205c765a133d522acb2772693d2ccd486b7855e2447918de296a1
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a41e548575bfb91837d358d7b40bac8df0886b4ead1f2eb716e1d2d18e5307f1
b6f911ba8158fafaac0e01b5c737957f9a334697c5fd7d935a68795e9d9e1c00
c41b0c2c06d41f505280bb0ac13af0f0428635605d04fc616f3b364e57bcbeea
c70c4a18b172d6def01af0bad476a2660124957efdb391be5e8d480df1a4b677
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0601d78c2afe7e5a1d27f5293978389bcba1f6175e575548ed4a395b85bd052
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8a5ef8e6f858e654f0d4e720690b03e032922a95f016923040c5f0e8f8c69fb
ed42e6dd35fbfb8d0039d5d1147b38c9efc208da27c458c1f6553d9d55af4101
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff4c7f78fabf46226b298888938c85635d5f07d8a81b71a2ee4facde2c7619fb
ff829c034ce4af1a1e2600ad8acf15c7cccfde10d7f250983deea1ff743fc880