dumedpower.net
180.235.151.80
Malicious Activity!
Public Scan
Submission: On January 25 via automatic, source openphish
Summary
TLS certificate: Issued by Let's Encrypt Authority X3 on December 31st 2017. Valid for: 3 months.
This is the only time dumedpower.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: BT (Telecommunication)
Domain & IP information
Redirects | Requests | IP Address | AS (Autonomous System) |
---|---|---|---|
 | 40 | 180.235.151.80 | 45731 (ARDH-AS-ID ARDH GLOBAL INDONESIA) |
 | 2 | 34.249.129.167 | 16509 (AMAZON-02 - Amazon.com) |
 | 2 | 92.123.93.102 | 16625 (AKAMAI-AS - Akamai Technologies) |
1 | 4 | 63.140.41.102 | 15224 (OMNITURE - Adobe Systems Inc.) |
1 | 1 | 66.117.28.86 | 15224 (OMNITURE - Adobe Systems Inc.) |
 | 1 | 178.79.227.144 | 22822 (LLNW - Limelight Networks) |
 | 7 | 216.58.208.34 | 15169 (GOOGLE - Google LLC) |
1 | 2 | 172.82.228.20 | 15224 (OMNITURE - Adobe Systems Inc.) |
 | 1 | 23.23.180.10 | 14618 (AMAZON-AES - Amazon.com) |
 | 9 | 172.217.21.226 | 15169 (GOOGLE - Google LLC) |
 | 10 | 172.217.21.225 | 15169 (GOOGLE - Google LLC) |
 | 2 | 68.142.68.29 | 22822 (LLNW - Limelight Networks) |
 | 4 | 68.142.70.29 | 22822 (LLNW - Limelight Networks) |

Total: 82 requests, 13 IP addresses
ASN | PTR | Hostnames |
---|---|---|
ASN45731 (ARDH-AS-ID ARDH GLOBAL INDONESIA, PT, ID) | perenjak.satuinfo.com | dumedpower.net |
ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-34-249-129-167.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US) | a92-123-93-102.deploy.akamaitechnologies.com | assets.adobedtm.com |
ASN15224 (OMNITURE - Adobe Systems Inc., US) | bt.com.ssl.sc.omtrdc.net | smetrics.bt.com |
ASN15224 (OMNITURE - Adobe Systems Inc., US) | | cm.everesttech.net |
ASN22822 (LLNW - Limelight Networks, Inc., US) | https-178-79-227-144.vie.llnw.net | assets.bt.com |
ASN15169 (GOOGLE - Google LLC, US) | fra15s12-in-f2.1e100.net | www.googletagservices.com, adservice.google.de, adservice.google.com, pagead2.googlesyndication.com |
ASN15224 (OMNITURE - Adobe Systems Inc., US) | | britishtelecom.112.2o7.net |
ASN14618 (AMAZON-AES - Amazon.com, Inc., US) | ec2-23-23-180-10.compute-1.amazonaws.com | ws.sessioncam.com |
ASN15169 (GOOGLE - Google LLC, US) | fra16s13-in-f2.1e100.net | securepubads.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US) | fra16s13-in-f225.1e100.net | tpc.googlesyndication.com |
ASN22822 (LLNW - Limelight Networks, Inc., US) | https-68-142-68-29.any.llnw.net | home.bt.com, img01.bt.co.uk |
ASN22822 (LLNW - Limelight Networks, Inc., US) | https-68-142-70-29.any.llnw.net | img01.bt.co.uk |
Requests | Apex Domain | Subdomains | Redirects | Transfer |
---|---|---|---|---|
40 | dumedpower.net | dumedpower.net | | 2 MB |
14 | googlesyndication.com | tpc.googlesyndication.com, pagead2.googlesyndication.com | | 239 KB |
9 | doubleclick.net | securepubads.g.doubleclick.net | | 89 KB |
6 | bt.com | smetrics.bt.com, assets.bt.com, home.bt.com | 1 | 6 KB |
5 | bt.co.uk | img01.bt.co.uk | | 74 KB |
2 | 2o7.net | britishtelecom.112.2o7.net | 1 | 737 B |
2 | adobedtm.com | assets.adobedtm.com | | 25 KB |
2 | demdex.net | dpm.demdex.net | | 2 KB |
1 | google.com | adservice.google.com | | 664 B |
1 | google.de | adservice.google.de | | 664 B |
1 | sessioncam.com | ws.sessioncam.com | | 419 B |
1 | googletagservices.com | www.googletagservices.com | | 6 KB |
1 | everesttech.net | cm.everesttech.net | 1 | 527 B |

Total: 82 requests, 13 apex domains
Requests | Domain | Redirects | Requested by |
---|---|---|---|
40 | dumedpower.net | | dumedpower.net |
10 | tpc.googlesyndication.com | | securepubads.g.doubleclick.net |
9 | securepubads.g.doubleclick.net | | www.googletagservices.com, securepubads.g.doubleclick.net, dumedpower.net |
5 | img01.bt.co.uk | | dumedpower.net |
4 | pagead2.googlesyndication.com | | securepubads.g.doubleclick.net, dumedpower.net |
4 | smetrics.bt.com | 1 | dumedpower.net, assets.adobedtm.com |
2 | britishtelecom.112.2o7.net | 1 | dumedpower.net |
2 | assets.adobedtm.com | | dumedpower.net |
2 | dpm.demdex.net | | dumedpower.net |
1 | home.bt.com | | dumedpower.net |
1 | adservice.google.com | | www.googletagservices.com |
1 | adservice.google.de | | www.googletagservices.com |
1 | ws.sessioncam.com | | dumedpower.net |
1 | www.googletagservices.com | | dumedpower.net |
1 | assets.bt.com | | dumedpower.net |
1 | cm.everesttech.net | 1 | |

Total: 82 requests, 16 domains
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
dumedpower.net | Let's Encrypt Authority X3 | 2017-12-31 - 2018-03-31 | 3 months |
This page contains 4 frames:
Primary Page:
https://dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page.html
Frame ID: (80D670C946C5BBBDD797571CD04CD7D5)
Requests: 68 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/pagead/js/r20180122/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: (D20338B52D7B99603A1C6682F0861AEC)
Requests: 5 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/pagead/js/r20180122/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: (AF48E6A71A1E4859284870AF5CC5C754)
Requests: 5 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/simgad/8699516183314025585
Frame ID: (B1DCB4EC3F29249623B8E2D190DA688B)
Requests: 5 HTTP requests in this frame
Detected technologies
Apache (Web Servers)
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
DoubleClick for Publishers (DFP) (Advertising Networks)
Detected patterns
- script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i
Google AdSense (Advertising Networks)
Detected patterns
- script /googlesyndication\.com\//i
- env /^__google_ad_/i
- env /^Goog_AdSense_/i
Google Analytics (Analytics)
Detected patterns
- env /^gaGlobal$/i
Google Tag Manager (Tag Managers)
Detected patterns
- env /^googletag$/i
Modernizr (JavaScript Libraries)
Detected patterns
- script /modernizr(?:-([\d.]*[\d]))?.*\.js/i
- env /^Modernizr$/i
SiteCatalyst (Analytics)
Detected patterns
- env /^s_(?:account|objectID|code|INST)$/i
jQuery (JavaScript Libraries)
Detected patterns
- script /jquery.*\.js/i
- env /^jQuery$/i
Page Statistics
34 Outgoing links
These are links going to different origins than the main page.
Title:
Title: Sign Up
Title: BT ID?
Title: password?
Title: Security
Title: Help
Title: Track your order >
Title: Report or track a fault >
Title: Pay a bill >
Title: Get help or contact us >
Title: Download the My BT App >
Title: Go to our email log in page >
Title: For business and public sector
Title: For global business
Title: BT Group
Title: Wifi
Title: MyDonate
Title: BT Ireland
Title: BT Shop
Title: Business Direct
Title: Openreach
Title: The Phone Book
Title: BT Wholesale
Title: BT Redcare
Title: Contact BT
Title: Careers
Title: Sitemap
Title: Privacy
Title: Terms of use
Title: Codes of practice
Title: Make a complaint
Title: T&Cs
Title: Modern Slavery Transparency Statement
Title: BT Including You - helping you communicate
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 31
- https://smetrics.bt.com/id?d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=0AA54673527831890A490D45%40AdobeOrg&mid=86526239289900801021343350894417035004&ts=1516901249675 HTTP 302
- https://britishtelecom.112.2o7.net/id?AQB=1&vmh=smetrics.bt.com&vmf=britishtelecom.112.2o7.net&g=https%3A%2F%2Fdumedpower.net%2F&d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=0AA54673527831890A490D45%40AdobeOrg&mid=86526239289900801021343350894417035004&ts=1516901249675&AQE=1
- https://cm.everesttech.net/cm/dd?d_uuid=84018908999266634032173341249156080241 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=WmoTggAAAbNKUFCY
- https://britishtelecom.112.2o7.net/id?AQB=1&vmh=smetrics.bt.com&vmf=britishtelecom.112.2o7.net&g=https%3A%2F%2Fdumedpower.net%2F&d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=0AA54673527831890A490D45%40AdobeOrg&mid=86526239289900801021343350894417035004&ts=1516901249675&AQE=1 HTTP 302
- https://smetrics.bt.com/id?AQB=1&vmr=true&&vmh=smetrics.bt.com&vmf=britishtelecom.112.2o7.net&g=https%3A%2F%2Fdumedpower.net%2F&d_visid_ver=2.5.0&d_fieldgroup=A&mcorgid=0AA54673527831890A490D45%40AdobeOrg&mid=86526239289900801021343350894417035004&ts=1516901249675&AQE=1
82 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Login%20Page.html
dumedpower.net/wp-includes/js/plupload/btinternet/ |
25 KB 25 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
integrator.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
121 B 375 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
integrator_002.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
121 B 375 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
osd.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
80 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ads_004
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
10 KB 10 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ads
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
10 KB 10 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ads_003
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
305 B 521 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pubads_impl_rendering_170.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
12 KB 12 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ads_002
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
10 KB 10 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s41868232595816.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
480 B 734 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common-reset.css
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
64 KB 65 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
common.css
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
178 KB 179 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bts-common.css
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
88 KB 89 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
override.css
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
6 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
analytics.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
35 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
gpt.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
13 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aref.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
460 B 714 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satelliteLib-28ad43fa1f4e448fdaa054e551be11683b9281c5.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
134 KB 134 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satellite-5a0c59c464746d54a7006fc7.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
141 B 395 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modernizr_jquery_cookies.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
107 KB 108 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dantegh.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
46 KB 46 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sportnav.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
62 KB 62 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive-footer.css
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
8 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sessioncam.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
266 KB 266 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s-code-contents-02f8e9784177427c51d49f1210e940a45e304a53.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
67 KB 67 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pubads_impl_170.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
201 KB 201 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cookies.css
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
99 KB 99 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
819 B 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bt-login-logo-136423637730102601-171211194315.png
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dantegf.js
dumedpower.net/wp-includes/js/plupload/btinternet/Login%20Page_files/ |
7 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
685 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
satellite-5a0c59c464746d54a7006fc7.js
assets.adobedtm.com/30f1e21a9faf6694a4a570ef4bf0b87126ec4eff/scripts/ |
141 B 537 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
britishtelecom.112.2o7.net/ Redirect Chain
|
0 -1 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=WmoTggAAAbNKUFCY
dpm.demdex.net/ Redirect Chain
|
42 B 767 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 KB 0 |
Font
font/truetype |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
override.css
assets.bt.com/v1/btcomd/assets/css/ |
6 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
gpt.js
www.googletagservices.com/tag/js/ |
13 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
smetrics.bt.com/ Redirect Chain
|
0 -1 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
smetrics.bt.com/ |
49 B 397 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
config.aspx
ws.sessioncam.com/Record/ |
145 B 419 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
bg_graybutton.png
dumedpower.net/wp-includes/js/plupload/btinternet/images/ |
639 B 639 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
error.png
dumedpower.net/wp-includes/js/plupload/btinternet/images/ |
639 B 639 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
logintextboxbg.png
dumedpower.net/wp-includes/js/plupload/btinternet/images/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
icons-sprite-8bit.png
dumedpower.net/wp-includes/js/plupload/btinternet/images/ |
1 KB 1 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LoginButtonBg.png
dumedpower.net/wp-includes/js/plupload/btinternet/images/ |
211 B 452 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
login-back.png
dumedpower.net/wp-includes/js/plupload/btinternet/images/ |
224 B 224 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
bg_cxtHelp.png
dumedpower.net/wp-includes/js/plupload/btinternet/images/ |
869 B 869 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
integrator.js
adservice.google.de/adsid/ |
108 B 664 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
integrator.js
adservice.google.com/adsid/ |
108 B 664 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
pubads_impl_175.js
securepubads.g.doubleclick.net/gpt/ |
178 KB 63 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ads
securepubads.g.doubleclick.net/gampad/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
pubads_impl_rendering_175.js
securepubads.g.doubleclick.net/gpt/ |
33 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ads
securepubads.g.doubleclick.net/gampad/ |
489 B 816 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ads
securepubads.g.doubleclick.net/gampad/ |
10 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
ads
securepubads.g.doubleclick.net/gampad/ |
9 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
container.html
tpc.googlesyndication.com/safeframe/1-0-15/html/ |
0 0 |
Other
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ajaxapic
home.bt.com/ |
4 KB 1 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive-footer.css
img01.bt.co.uk/s/assets/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s-code-contents-02f8e9784177427c51d49f1210e940a45e304a53.js
assets.adobedtm.com/30f1e21a9faf6694a4a570ef4bf0b87126ec4eff/ |
67 KB 24 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s33150880385684
smetrics.bt.com/b/ss/btcom/10/JS-2.5.0-D7QN/ |
480 B 985 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
responsive-footer.min.js
img01.bt.co.uk/s/assets/js/ |
970 B 958 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BT_mark_4col_rev_105x50.png
img01.bt.co.uk/s/assets/images/logo/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
BTFont_Rg.woff
dumedpower.net/wp-includes/js/plupload/btinternet/fonts/bt/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Cookie set
bttvicons.woff
dumedpower.net/wp-includes/js/plupload/btinternet/fonts/bt/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
m_window_focus_non_hydra.js
tpc.googlesyndication.com/pagead/js/r20180122/r20110914/client/ext/ Frame (D20 |
3 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20180122/r20110914/activeview/ Frame (D20 |
33 KB 13 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
17178775127503219485
tpc.googlesyndication.com/simgad/ Frame (D20 |
164 KB 165 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
osd.js
pagead2.googlesyndication.com/pagead/ |
83 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
view
securepubads.g.doubleclick.net/pcs/ Frame (D20 |
0 281 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
BTFont_Rg.woff
img01.bt.co.uk/s/assets/fonts/bt/ |
58 KB 58 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bttvicons.woff
img01.bt.co.uk/s/assets/fonts/bt/ |
8 KB 9 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
m_window_focus_non_hydra.js
tpc.googlesyndication.com/pagead/js/r20180122/r20110914/client/ext/ Frame (AF4 |
3 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
osd_listener_heavy.js
tpc.googlesyndication.com/pagead/js/r20180122/r20110914/activeview/ Frame (AF4 |
80 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
8699516183314025585
tpc.googlesyndication.com/simgad/ Frame (AF4 |
119 B 234 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
view
securepubads.g.doubleclick.net/pcs/ Frame (AF4 |
0 47 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
8699516183314025585
tpc.googlesyndication.com/simgad/ Frame (B1D |
119 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
m_window_focus_non_hydra.js
tpc.googlesyndication.com/pagead/js/r20180122/r20110914/client/ext/ Frame (B1D |
3 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
osd_listener.js
tpc.googlesyndication.com/pagead/js/r20180122/r20110914/activeview/ Frame (B1D |
33 KB 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headersResponse headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
view
securepubads.g.doubleclick.net/pcs/ Frame (B1D |
0 128 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET S |
activeview
pagead2.googlesyndication.com/pcs/ Frame (D20 |
42 B 178 B |
Image
image/gif |
GET S |
activeview
pagead2.googlesyndication.com/pcs/ Frame (AF4 |
42 B 110 B |
Image
image/gif |
GET S |
activeview
pagead2.googlesyndication.com/pcs/ Frame (B1D |
42 B 110 B |
Image
image/gif |
GET H/1.1 |
Cookie set
bttvicons.woff2
dumedpower.net/wp-includes/js/plupload/btinternet/fonts/bt/ |
0 0 |
Font
text/html |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: BT (Telecommunication)
87 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| google_js_reporting_queue function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure object| digitalData function| Visitor object| _satellite object| s_c_il number| s_c_in function| searchAnalytics object| btCookiesAPI object| Modernizr object| html5 function| yepnope function| $ function| jQuery function| getInternetExplorerVersion boolean| jQueryScriptOutputted undefined| searchStatusVal object| DanteGH object| Encoder object| user function| jqdgh object| SportNav string| static_root string| s_pageName object| omni object| funccmd boolean| sportpage object| ads object| googletag function| reportErrors undefined| target function| mobileSearchBTS string| loginpagetype function| html5shim object| sessionCamRecorder function| SessionCamRecorder number| scInitTime0 function| sessionCamJQuery string| s_account function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement function| s_gi function| s_pgicq function| DIL number| s_objectID number| s_giq string| omni_pagetype string| pageType string| advertag string| bghexcolor string| ua boolean| browser string| userAgent object| googleToken object| googleIMState function| processGoogleToken object| GPT_jstiming undefined| google_measure_js_timing string| slottag boolean| google_noFetch boolean| google_DisableInitialLoad number| __google_ad_urls_id number| google_unique_id object| closure_memoize_cache_ object| gaGlobal object| DanteGF object| FooterEncoder function| jqdgf object| footerconfig undefined| loadgf function| videoAnalytics function| shareEventHandler string| value object| s_i_btcom function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter object| google_timing_params object| __google_ad_urls object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| ga object| gaplugins function| google_osd_amcb1
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
dumedpower.net/ | | Name: wfvt_3335786383 Value: 5a6a1386821aa |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.