www.vcol.co.uk
Open in
urlscan Pro
85.205.251.49
Malicious Activity!
Public Scan
Effective URL: https://www.vcol.co.uk/eplite/approval.html?a=a&r=701322209&c=c4497a__;!!KEc8uF_xo8-al5zF!Q8KQi6tE-5oobYXAehgMOpyEg06kL...
Submission: On March 06 via manual from US — Scanned from IT
Summary
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on December 5th 2023. Valid for: a year.
This is the only time www.vcol.co.uk was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Vodafone (Telecommunication)Domain & IP information
ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-67-28.eu-west-1.compute.amazonaws.com
dpm.demdex.net | |
vodafoneuk.demdex.net |
ASN15224 (OMNITURE, US)
PTR: ip-63-140-62-17.data.adobedc.net
smetrics.vodafone.co.uk |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-77-9.eu-west-1.compute.amazonaws.com
assets.vodafone.co.uk |
ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com |
ASN16509 (AMAZON-02, US)
lantern.roeyecdn.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
vodafoneuk.digital.nuance.com |
ASN15224 (OMNITURE, US)
PTR: ip-66-235-152-225.data.adobedc.net
vodafoneuk.tt.omtrdc.net |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
cm.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-141-121.eu-west-1.compute.amazonaws.com
lantern.roeye.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
media-uk1.digital.nuance.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com
cms.analytics.yahoo.com | |
ups.analytics.yahoo.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
cobrowse-vodafoneuk.digital.nuance.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
22 |
nuance.com
vodafoneuk.digital.nuance.com — Cisco Umbrella Rank: 175874 media-uk1.digital.nuance.com — Cisco Umbrella Rank: 97103 cobrowse-vodafoneuk.digital.nuance.com — Cisco Umbrella Rank: 254602 |
818 KB |
13 |
vcol.co.uk
2 redirects
www.vcol.co.uk — Cisco Umbrella Rank: 369617 |
400 KB |
10 |
cookielaw.org
cdn.cookielaw.org — Cisco Umbrella Rank: 334 |
161 KB |
8 |
demdex.net
2 redirects
dpm.demdex.net — Cisco Umbrella Rank: 246 vodafoneuk.demdex.net — Cisco Umbrella Rank: 63299 |
8 KB |
5 |
tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1234 |
75 KB |
3 |
amazon-adsystem.com
2 redirects
s.amazon-adsystem.com — Cisco Umbrella Rank: 329 |
2 KB |
3 |
vodafone.co.uk
smetrics.vodafone.co.uk — Cisco Umbrella Rank: 164327 assets.vodafone.co.uk — Cisco Umbrella Rank: 173836 |
53 KB |
2 |
yahoo.com
2 redirects
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1473 ups.analytics.yahoo.com — Cisco Umbrella Rank: 428 |
798 B |
2 |
adform.net
2 redirects
c1.adform.net — Cisco Umbrella Rank: 618 |
1 KB |
2 |
doubleclick.net
2 redirects
cm.g.doubleclick.net — Cisco Umbrella Rank: 271 |
958 B |
2 |
adnxs.com
2 redirects
ib.adnxs.com — Cisco Umbrella Rank: 256 |
2 KB |
1 |
roeye.com
lantern.roeye.com — Cisco Umbrella Rank: 8858 |
130 B |
1 |
omtrdc.net
vodafoneuk.tt.omtrdc.net — Cisco Umbrella Rank: 190231 |
837 B |
1 |
roeyecdn.com
lantern.roeyecdn.com — Cisco Umbrella Rank: 9071 |
2 KB |
61 | 14 |
Domain | Requested by | |
---|---|---|
13 | vodafoneuk.digital.nuance.com |
tags.tiqcdn.com
www.vcol.co.uk media-uk1.digital.nuance.com vodafoneuk.digital.nuance.com |
13 | www.vcol.co.uk |
2 redirects
www.vcol.co.uk
media-uk1.digital.nuance.com |
10 | cdn.cookielaw.org |
www.vcol.co.uk
cdn.cookielaw.org |
8 | media-uk1.digital.nuance.com |
vodafoneuk.digital.nuance.com
media-uk1.digital.nuance.com |
7 | dpm.demdex.net |
2 redirects
www.vcol.co.uk
|
5 | tags.tiqcdn.com |
www.vcol.co.uk
tags.tiqcdn.com |
3 | s.amazon-adsystem.com | 2 redirects |
2 | c1.adform.net | 2 redirects |
2 | cm.g.doubleclick.net | 2 redirects |
2 | ib.adnxs.com | 2 redirects |
2 | assets.vodafone.co.uk |
www.vcol.co.uk
|
1 | cobrowse-vodafoneuk.digital.nuance.com |
media-uk1.digital.nuance.com
|
1 | ups.analytics.yahoo.com | 1 redirects |
1 | cms.analytics.yahoo.com | 1 redirects |
1 | lantern.roeye.com |
www.vcol.co.uk
|
1 | vodafoneuk.tt.omtrdc.net |
tags.tiqcdn.com
|
1 | lantern.roeyecdn.com |
tags.tiqcdn.com
|
1 | smetrics.vodafone.co.uk |
tags.tiqcdn.com
|
1 | vodafoneuk.demdex.net |
tags.tiqcdn.com
|
61 | 19 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.vodafone.co.uk |
investors.vodafone.com |
www.onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.vcol.co.uk DigiCert SHA2 Secure Server CA |
2023-12-05 - 2024-12-04 |
a year | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2024-03-01 - 2024-12-31 |
10 months | crt.sh |
tags.tiqcdn.com Amazon RSA 2048 M01 |
2023-04-18 - 2024-05-17 |
a year | crt.sh |
*.demdex.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-26 - 2024-10-26 |
a year | crt.sh |
smetrics.vodafone.co.uk DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-04-10 - 2024-05-10 |
a year | crt.sh |
assets.vodafone.co.uk DigiCert SHA2 Secure Server CA |
2023-10-27 - 2024-10-29 |
a year | crt.sh |
*.roeyecdn.com Amazon RSA 2048 M01 |
2023-10-04 - 2024-10-30 |
a year | crt.sh |
*.digital.nuance.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-09-14 - 2024-10-11 |
a year | crt.sh |
*.tt.omtrdc.net DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-22 - 2024-09-21 |
a year | crt.sh |
*.roeye.com Amazon RSA 2048 M03 |
2023-11-26 - 2024-12-24 |
a year | crt.sh |
This page contains 4 frames:
Primary Page:
https://www.vcol.co.uk/eplite/approval.html?a=a&r=701322209&c=c4497a__;!!KEc8uF_xo8-al5zF!Q8KQi6tE-5oobYXAehgMOpyEg06kLesKhybfUZk7A4RszdphQQL5uU7ReWxKJPloJ_sDJXRbxqDwKeWSayje$
Frame ID: 4F37E8C107E4ADF1BCA09D15279C9859
Requests: 38 HTTP requests in this frame
Frame:
https://vodafoneuk.demdex.net/dest5.html?d_nsid=0
Frame ID: BED7FDF69AF7E52C4BA84D53AEEF8C36
Requests: 6 HTTP requests in this frame
Frame:
https://www.vcol.co.uk/nuance/nuance-chat.html?IFRAME&nuance-frame-ac=0
Frame ID: 8DED546FEA8C4EE7C26763E2EF7690CF
Requests: 8 HTTP requests in this frame
Frame:
https://vodafoneuk.digital.nuance.com/tagserver/postToServer.min.htm?siteID=10006330&codeVersion=1709290505262
Frame ID: 1B9AF2C49E71A0F032550990E1E1E498
Requests: 9 HTTP requests in this frame
Screenshot
Page Title
VCO Error PageBack ButtonSearch IconFilter IconPage URL History Show full URLs
-
https://www.vcol.co.uk/hub/intermediate/a/701322209/c4497a__;!!KEc8uF_xo8-al5zF!Q8KQi6tE-5oobYXAehg...
HTTP 301
https://www.vcol.co.uk/home/hub/intermediate/a/701322209/c4497a__%3b!!KEc8uF_xo8-al5zF!Q8KQi6tE-5oo... HTTP 302
https://www.vcol.co.uk/eplite/approval.html?a=a&r=701322209&c=c4497a__;!!KEc8uF_xo8-al5zF!Q8KQi6tE-... Page URL
Detected technologies
OneTrust (Cookie compliance) ExpandDetected patterns
- cdn\.cookielaw\.org
- otSDKStub\.js
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: About Us
Search URL Search Domain Scan URL
Title: For Investors
Search URL Search Domain Scan URL
Title: Cookie Policy
Search URL Search Domain Scan URL
Title: Disability Services
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.vcol.co.uk/hub/intermediate/a/701322209/c4497a__;!!KEc8uF_xo8-al5zF!Q8KQi6tE-5oobYXAehgMOpyEg06kLesKhybfUZk7A4RszdphQQL5uU7ReWxKJPloJ_sDJXRbxqDwKeWSayje$
HTTP 301
https://www.vcol.co.uk/home/hub/intermediate/a/701322209/c4497a__%3b!!KEc8uF_xo8-al5zF!Q8KQi6tE-5oobYXAehgMOpyEg06kLesKhybfUZk7A4RszdphQQL5uU7ReWxKJPloJ_sDJXRbxqDwKeWSayje$ HTTP 302
https://www.vcol.co.uk/eplite/approval.html?a=a&r=701322209&c=c4497a__;!!KEc8uF_xo8-al5zF!Q8KQi6tE-5oobYXAehgMOpyEg06kLesKhybfUZk7A4RszdphQQL5uU7ReWxKJPloJ_sDJXRbxqDwKeWSayje$ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 10- https://dpm.demdex.net/id?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=BB2A12535131457C0A490D45%40AdobeOrg&d_nsid=0&ts=1709732733265 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=4.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=BB2A12535131457C0A490D45%40AdobeOrg&d_nsid=0&ts=1709732733265
- https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
- https://dpm.demdex.net/ibs:dpid=358&dpuuid=6452072468123019600
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=Njg0MzUzNzMxNjUwNDg4MDY1NzM4NDc5NDE1NzUxMDMzNDI5NTk= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=Njg0MzUzNzMxNjUwNDg4MDY1NzM4NDc5NDE1NzUxMDMzNDI5NTk=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEDkA296dgy6kKzXV6QPdtGs&google_cver=1?gdpr=0&gdpr_consent=
- https://c1.adform.net/serving/cookie/match?party=1007&cid=68435373165048806573847941575103342959&noredirect=v2 HTTP 302
- https://c1.adform.net/serving/cookie/match?CC=1&party=1007&cid=68435373165048806573847941575103342959&noredirect=v2 HTTP 302
- https://dpm.demdex.net/ibs:dpid=1586&dpuuid=2760058219781063675
- https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=68435373165048806573847941575103342959&gdpr=0&gdpr_consent= HTTP 302
- https://ups.analytics.yahoo.com/ups/58782/cms?partner_id=ADOBE&_hosted_id=68435373165048806573847941575103342959&gdpr=0&gdpr_consent= HTTP 302
- https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-ckv_rg9E2pG8exFPvY4hMNTNnmU28ILQGpM-~A
- https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433 HTTP 302
- https://s.amazon-adsystem.com/dcm?pid=5c420d2b-f139-4fee-b0c0-89a7b8ce9433&dcc=t HTTP 302
- https://dpm.demdex.net/ibs:dpid=139200&dpuuid=dOFuhqyMQGuw5IJMZxpd8w&redir=https%3A%2F%2Fs.amazon-adsystem.com%2Fecm3%3Fex%3Dadobe.com%26id%3D%24%7BDD_UUID%7D HTTP 302
- https://s.amazon-adsystem.com/ecm3?ex=adobe.com&id=68435373165048806573847941575103342959
61 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
approval.html
www.vcol.co.uk/eplite/ Redirect Chain
|
13 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OtAutoBlock.js
cdn.cookielaw.org/consent/50a00dad-7dea-4d2c-a41c-eb0311acf941/ |
7 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/consent/50a00dad-7dea-4d2c-a41c-eb0311acf941/ |
21 KB 7 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ds.min.29062021.css
www.vcol.co.uk/ds/css/ |
170 KB 33 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.sync.js
tags.tiqcdn.com/utag/vodafone/uk-main/prod/ |
156 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logout.svg
www.vcol.co.uk/ds/assets/img/ |
615 B 997 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
chat.svg
www.vcol.co.uk/ds/assets/img/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.svg
www.vcol.co.uk/ds/assets/img/ |
757 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
light-star.svg
www.vcol.co.uk/ds/assets/img/ |
915 B 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ds.min.04052023.js
www.vcol.co.uk/ds/js/ |
253 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
50a00dad-7dea-4d2c-a41c-eb0311acf941.json
cdn.cookielaw.org/consent/50a00dad-7dea-4d2c-a41c-eb0311acf941/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rd
dpm.demdex.net/id/ Redirect Chain
|
1 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.js
tags.tiqcdn.com/utag/vodafone/uk-main/prod/ |
131 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vf-logo-2019-tall.png
www.vcol.co.uk/ds/core/assets/img/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon-sacb4bc6bc4.png
www.vcol.co.uk/ds/css/img/ |
237 KB 238 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
VodafoneRg.woff
www.vcol.co.uk/ds/css/fonts/ |
26 KB 26 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/202308.1.0/ |
411 KB 99 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/50a00dad-7dea-4d2c-a41c-eb0311acf941/bc9bc79d-19a7-4f3b-abf2-8d3ab7ffaa83/ |
122 KB 24 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ |
9 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcCenter.json
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ |
62 KB 15 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCommonStyles.css
cdn.cookielaw.org/scripttemplates/202308.1.0/assets/ |
21 KB 4 KB |
Fetch
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dest5.html
vodafoneuk.demdex.net/ Frame BED7 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
smetrics.vodafone.co.uk/ |
48 B 461 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vodafonelt_woff.woff
assets.vodafone.co.uk/cs/groups/public/documents/fonts/ |
25 KB 26 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
vodafonerg_woff.woff
assets.vodafone.co.uk/cs/groups/public/documents/fonts/ |
26 KB 27 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
img_vodafone__icon.png
cdn.cookielaw.org/logos/49313e11-7132-44c5-aacc-c6f19562ed75/df451680-269f-41e1-b6c5-40b894ee7502/db86215c-666e-4dd6-bfc4-3ebcc52e24b5/ |
3 KB 3 KB |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
powered_by_logo.svg
cdn.cookielaw.org/logos/static/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=358&dpuuid=6452072468123019600
dpm.demdex.net/ Frame BED7 Redirect Chain
|
42 B 718 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.888.js
tags.tiqcdn.com/utag/vodafone/uk-main/prod/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.897.js
tags.tiqcdn.com/utag/vodafone/uk-main/prod/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lantern_global_1257.min.js
lantern.roeyecdn.com/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inqChatLaunch10006330.js
vodafoneuk.digital.nuance.com/chatskins/launch/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 431 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
delivery
vodafoneuk.tt.omtrdc.net/rest/v1/ |
353 B 837 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=771&dpuuid=CAESEDkA296dgy6kKzXV6QPdtGs&google_cver=1
dpm.demdex.net/ Frame BED7 Redirect Chain
|
42 B 718 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
track.php
lantern.roeye.com/ |
0 130 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=1586&dpuuid=2760058219781063675
dpm.demdex.net/ Frame BED7 Redirect Chain
|
42 B 718 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chatLoader.min.js
media-uk1.digital.nuance.com/media/launch/ |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ibs:dpid=30646
dpm.demdex.net/ Frame BED7 Redirect Chain
|
42 B 717 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ecm3
s.amazon-adsystem.com/ Frame BED7 Redirect Chain
|
43 B 479 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
nuance-chat.html
www.vcol.co.uk/nuance/ Frame 8DED |
363 B 970 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
inqChatLaunch10006330.js
vodafoneuk.digital.nuance.com/chatskins/launch/ Frame 8DED |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
chatLoader.min.js
media-uk1.digital.nuance.com/media/launch/ Frame 8DED |
22 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pr.min.js
media-uk1.digital.nuance.com/media/launch/ Frame 8DED |
75 KB 9 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
site_10006330_default.js
media-uk1.digital.nuance.com/media/launch/ Frame 8DED |
2 MB 161 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tcFramework.min.js
media-uk1.digital.nuance.com/media/launch/ Frame 8DED |
528 KB 135 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ads-blocking-detector.min.js
vodafoneuk.digital.nuance.com/tagserver/js/ Frame 8DED |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
postToServer.min.htm
vodafoneuk.digital.nuance.com/tagserver/ Frame 1B9A |
21 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
isTrustedDomain
vodafoneuk.digital.nuance.com/tagserver/init/ Frame 1B9A |
0 298 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
initFramework
vodafoneuk.digital.nuance.com/tagserver/init/ Frame 1B9A |
236 B 657 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
InqFramework.js
media-uk1.digital.nuance.com/media/launch/ci/ |
0 224 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pre-acif.js
vodafoneuk.digital.nuance.com/tagserver/acif/ |
0 606 B |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
acif.js
media-uk1.digital.nuance.com/media/launch/acif/ |
0 112 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
acif-configs.js
media-uk1.digital.nuance.com/media/sites/10006330/assets/automatons/ |
0 94 KB |
Other
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cbc-min.js
cobrowse-vodafoneuk.digital.nuance.com/cobrowse/ Frame 8DED |
152 KB 50 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
logline
vodafoneuk.digital.nuance.com/tagserver/logging/ Frame 1B9A |
43 B 726 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
onEvent
vodafoneuk.digital.nuance.com/tagserver/incrementality/ Frame 1B9A |
0 410 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
agentAvailability
vodafoneuk.digital.nuance.com/tagserver/launch/ Frame 1B9A |
83 B 396 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
agentAvailability
vodafoneuk.digital.nuance.com/tagserver/launch/ Frame 1B9A |
83 B 396 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
agentAvailability
vodafoneuk.digital.nuance.com/tagserver/launch/ Frame 1B9A |
83 B 396 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
agentAvailability
vodafoneuk.digital.nuance.com/tagserver/launch/ Frame 1B9A |
83 B 396 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Vodafone (Telecommunication)81 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| VFUK function| e object| visitor object| urlParams object| perrestokens object| adobe function| Visitor object| s_c_il number| s_c_in object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate object| nuanceData object| LPVCO_data undefined| queryParam object| notification undefined| logos boolean| utag_condload function| getThePageName object| chatLaunchedListener object| chatClosedListener object| c2cStateChanged object| c2cDisplayed object| c2cClickedListener object| saleLandingListener object| saleQualifiedListener object| soldListener object| chatEngagedListener object| chatReadyListener object| InqRegistry object| utag boolean| hasLoadRuleMatch boolean| hasExemptionMatch boolean| __tealium_twc_switch function| arrayCombiner function| getCookie function| setCookie object| tealiumCmpIntegration object| utag_cfg_ovrd string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer object| otStubData object| OneTrustStub object| Optanon object| OneTrust function| replaceDownloadCall function| $ function| jQuery object| vf function| _ object| Backbone function| moment boolean| timeoutTimesSet object| jQuery19109434776860929379 function| standardExt68 function| gtag function| tealium_enrichment object| lanternTracker object| lantern function| evaluateLegacySettings function| wrapWithTryCatch function| secureProtocol function| getParentV3LanderConfig function| loadChat object| v3Lander object| v3LanderConfig object| ttMETA boolean| targetLibLoadSuccess object| __webpack_exports__ object| inqFrame object| Inq function| BlockingDetector object| blockingDetector object| InqSaleMgr object| div29 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
www.vcol.co.uk/eplite | Name: vco-eplite Value: C2MUAxu_b2CxqmRqXG_krtg8DLUNAGi4fDd0543tdVKXc1J8459T!7225297 |
|
www.vcol.co.uk/ | Name: vco Value: m-YUAxuDttXSVMLpGMJ8RTijq5bWcUX1p-RoCDKHRqLqYQ5x0Awq!7225297 |
|
www.vcol.co.uk/ | Name: ADRUM_BTa Value: R:0|g:8f26960c-7251-4e57-b006-1b3b2d1f0f53|n:vodafoneuk_0496ac34-2f78-4719-95f5-4d9d710eae05 |
|
www.vcol.co.uk/ | Name: ADRUM_BT1 Value: R:0|i:129783 |
|
www.vcol.co.uk/ | Name: ADRUM_BTs Value: R:0|s:f |
|
.vcol.co.uk/ | Name: at_check Value: true |
|
.vcol.co.uk/ | Name: utag_main Value: v_id:018e1403218f001358dc4ac760030307300af06b00b08$_sn:1$_se:1$_ss:1$_st:1709734533327$ses_id:1709732733327%3Bexp-session$_pn:1%3Bexp-session |
|
.demdex.net/ | Name: demdex Value: 68435373165048806573847941575103342959 |
|
.vcol.co.uk/ | Name: AMCVS_BB2A12535131457C0A490D45%40AdobeOrg Value: 1 |
|
.vcol.co.uk/ | Name: OptanonConsent Value: isGpcEnabled=0&datestamp=Wed+Mar+06+2024+14%3A45%3A33+GMT%2B0100+(Central+European+Standard+Time)&version=202308.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&landingPath=https%3A%2F%2Fwww.vcol.co.uk%2Feplite%2Fapproval.html%3Fa%3Da%26r%3D701322209%26c%3Dc4497a__%3B!!KEc8uF_xo8-al5zF!Q8KQi6tE-5oobYXAehgMOpyEg06kLesKhybfUZk7A4RszdphQQL5uU7ReWxKJPloJ_sDJXRbxqDwKeWSayje%24&groups=1%3A1%2C2%3A0%2C3%3A0%2C4%3A0 |
|
.vcol.co.uk/ | Name: AMCV_BB2A12535131457C0A490D45%40AdobeOrg Value: -1712354808%7CMCIDTS%7C19789%7CMCMID%7C68135218487501069803824115264505923098%7CMCAAMLH-1710337533%7C6%7CMCAAMB-1710337533%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1709739933s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C4.3.0 |
|
.adnxs.com/ | Name: XANDR_PANID Value: Su01ROyMJafEQxprXka5D-qyyTKplSBhGCsxmBMT3UhnQMdiuresfNzmajlIFXaQn1j98b0y30XdKZ5a-y-WehyRbIb2kRCy6L-W61Bky7A. |
|
.adnxs.com/ | Name: receive-cookie-deprecation Value: 1 |
|
.adnxs.com/ | Name: uuid2 Value: 6452072468123019600 |
|
.dpm.demdex.net/ | Name: dpm Value: 68435373165048806573847941575103342959 |
|
.doubleclick.net/ | Name: IDE Value: AHWqTUlMgGX2mLYB1lSYXmIOCyaKDgPqs_amfbY4KL-fZpanqtODehIPjEfa7wiIBBQ |
|
.vcol.co.uk/ | Name: mbox Value: session#e2b3e7196f874018acdc39120803c1ea#1709734594|PC#e2b3e7196f874018acdc39120803c1ea.37_0#1772977534 |
|
.vcol.co.uk/ | Name: mboxEdgeCluster Value: 37 |
|
.adform.net/ | Name: C Value: 1 |
|
.adform.net/ | Name: uid Value: 2760058219781063675 |
|
.demdex.net/ | Name: dextp Value: 358-1-1709732733590|771-1-1709732733690|1586-1-1709732733791|30646-1-1709732733892|139200-1-1709732733993 |
|
.yahoo.com/ | Name: A3 Value: d=AQABBH1z6GUCEEI9oHyuPHJSkqnAeD7AKNUFEgEBAQHE6WXyZee6Jm0A_eMAAA&S=AQAAAoY6_ocn06wpI1RtoBiYaug |
|
.analytics.yahoo.com/ | Name: IDSYNC Value: 19cu~2h51 |
|
.amazon-adsystem.com/ | Name: ad-id Value: A5_cO4Mls0vzpXHJ1HDZZ7Y |
|
.amazon-adsystem.com/ | Name: ad-privacy Value: 0 |
|
vodafoneuk.digital.nuance.com/ | Name: inqState_10006330 Value: %7BVA%3A%5B%5D%2C_loy%3A1%2C_ssQ%3A%5B%222024-03-06T13%3A45%3A34.875Z%22%5D%2C_slq%3A%5B%5D%2C_cct%3A0%2C_sqc%3A0%2C_slc%3A0%2Ccfl%3A9223372036854776000%2CNiEn%3A%22ninaProd%22%2CLDM%3A%7Blh%3A%5B%7Bid%3A38374825%2Ccg%3A%5B23%5D%7D%5D%7D%2CCHM%3A%7B%7D%2Cfst%3A1709732734875%2Clst%3A1709732734875%2C_ist%3A%22ELIGIBLE%22%2C_sesT%3A0%7D |
|
vodafoneuk.digital.nuance.com/ | Name: cobrowse_10006330 Value: {"auth":0} |
|
vodafoneuk.digital.nuance.com/ | Name: inqVital_10006330 Value: %7BINQ%3A%7BcustID%3A%22186729958806135522%22%7D%2Cv%3A3%2Cvcnt%3A17%2Cvtime%3A1709732735216%2C_acid%3A%22-1%22%2C_ss%3A%22unsold%22%2CCHM%3A%7Blpt%3A0%2ClastChat%3A%7B%7D%2ClastCallId%3A0%7D%2C_is%3A1709732734878%2C_iID%3A%221867299588061355221%22%2C_ig%3A%22CHAT%22%7D |
|
vodafoneuk.digital.nuance.com/ | Name: inqSession_10006330 Value: %7Bauu%3A0%2C_svMs%3A-1%2C_aTyp%3A3%2CASYNA%3A0%2CASYNB%3A0%2Ca0426%3A1%2CBUPTA%3A19001158%2CAGPTS%3A10006647%2CisAg%3A0%2CRestt%3A0%2ChasCH%3A0%2ChasNR%3A0%2ChasES%3A0%2CagenA%3A0%2CcMC%3A0%2CaMC%3A0%2CNANSE%3A%22%22%2CNANIN%3A%22%22%2CENTBU%3A0%2CCONBU%3A1%2CCARTG%3A0%2CCGmap%3A%5B%7Bkey%3A%22ATGRCtc%22%2Cvalue%3A0%7D%2C%7Bkey%3A%22ATGRCHtc%22%2Cvalue%3A0%7D%2C%7Bkey%3A%22ATGMHtc%22%2Cvalue%3A0%7D%5D%2CECLEC%3A0%2CInact%3A0%2CTrss%3A0%2CCustN%3A%22%22%2CCTNo%3A%22%22%2CeMail%3A%22%22%2CDETob%3A0%2CiSEE%3A0%2CbCSF%3A0%2Csrvyl%3A0%2CEQcsV%3A0%2CNRcsV%3A0%2Cvanri%3A%22%22%2Cvaact%3A%22%22%2Cvaru%3A%22%22%2Ccr%3A%22%22%2CoTB%3A0%2Cvcor%3A%22vco-%22%2Ccntr%3A%22%22%2CFAQr%3A21%2CFAQs%3A%22IBM%22%2CBotU%3A%22%22%2CBotR%3A0%2Ca5189%3A11%2CPCSbr%3A0%2Cismda%3A0%2Cagct%3A0%2Ccmsct%3A0%2CsjE3j%3A1%2CjfneD%3A1%2Ccusct%3A0%2Cercag%3A10006369%2Ctraag%3A10006333%2Crccn%3A4%2Cabspl%3A30%2CpteC%3A100%2CptHS%3A100%2CptSUI%3A100%2CVLEC%3A0%2CATGSE%3A0%2CRCGSE%3A0%2CREGSE%3A0%2CGENSP%3A0%2CCHM%3A%7Bpmor%3Afalse%2Ccb%3A1%7D%2C_ssID%3A%221867299588061355221%22%2Crd%3A%22%22%2Csest%3A%22%22%2C_sT%3A0%2Cltt%3A1709732734878%7D |
87 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | frame-ancestors 'self' https://s1-2-eu.ariba.com https://simpro4.wirelesslogic.com; |
Strict-Transport-Security | max-age=63072000; includeSubdomains; |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.vodafone.co.uk
c1.adform.net
cdn.cookielaw.org
cm.g.doubleclick.net
cms.analytics.yahoo.com
cobrowse-vodafoneuk.digital.nuance.com
dpm.demdex.net
ib.adnxs.com
lantern.roeye.com
lantern.roeyecdn.com
media-uk1.digital.nuance.com
s.amazon-adsystem.com
smetrics.vodafone.co.uk
tags.tiqcdn.com
ups.analytics.yahoo.com
vodafoneuk.demdex.net
vodafoneuk.digital.nuance.com
vodafoneuk.tt.omtrdc.net
www.vcol.co.uk
142.250.181.226
2600:9000:20eb:1c00:1f:af3f:8a40:93a1
2600:9000:235a:e00:7:2bfb:7c00:93a1
2606:4700::6812:82ec
2620:1ec:bdf::45
3.75.62.37
37.157.5.133
37.252.173.215
51.132.163.241
51.140.2.7
52.46.143.56
54.171.67.28
54.228.77.9
54.78.141.121
63.140.62.17
66.235.152.225
85.205.251.49
09b627933e01faa4979dc5661f7e616c7db1c12ea1984ca0549bdb253d24da9b
0f1f64ad0cc66e93f3828b42de314c7f74099afaee77eedf116463a5554c9da8
127cf35d1c4ad27eb189c6e63fd3ba5a17f8b94fef6e5e4ed5d9ed8868d2bab1
16362f0fd799b32b7a7d0bec55184cbc14a01f4cb395c110100053549dcae487
1bd2796a03fae8fb24f0cc26849724d08be7c43eaffc8dd673eb1e7b923f6594
1e1496a6be8958820e799eb167f94e842572d475da6dc9450ab476ecc0f64c4b
204e707cd11afabe6ca56dc27628b45f1cab62f51ccab57305f9fc13da0d1e32
27ff6f8b30f633a9e1954d6cc94756127292aa99560255e414bbb75b37416594
2ba9870e10c2137f195d654fc2b7eda8ff94a735fb5997e0d232c9717648b9c6
2cc361f4d633040bf9ab7417b24dffe997cf35865b879be9db2f3603910f0185
38bf1ce3cdc5f307780fabc05f0a1fe407e0dbaf1c8940559b3ea4814a94e5c4
483622354ce1366caaa37f61a2d1b6f4d2f1fcb1204e66cb686f9c9696235cf9
4be94c730de96b5db62d800ea824ca08ae254683839486e53510b4a80bd1d162
4cb2e4f8777f61639b19b352f7f5e4265cf5cf88f028c9705aea46a64535bae9
50aa20be5868b265c4df73836bb125ded10f167076bcec155ce154e2cfcd2c56
5537e7ccff2e1c6b366839ef3a5c21d2889efdced24e0cf8d3a2e53c17fe08bf
5958ea18cd66b5dbccef16da26ce82dd8ffc990b58f8a20acf7360b151b84a4b
5fa00d047acd959697b9d7772c31dcd37bec33c70c6fbf80ab8316205d1d286d
6221b73dbd760def9b44736c9af73cec34dadd63b769f7c93dbc22429a4240ba
6476068048e3d0644da5fa5fd0f957fc9be8c3ebe6a6036b753288d7d9d430c2
6ea71cd5f46c9c66a145a18ed6a185fc18a3c00092ace71bddcafeeaefc6888f
78a37757c165e672eda69f69d745ab86d78fd6d9b66b157cb9b032e479faab11
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7dda03ebed4182350fe64f0f1a1f2a1047cb4947d9e2426278691253f4accac0
81690d03f7ff8f6da73dd8d218093c4d641731851355eaff4f870e712fa0439f
85dd1d1386632248b84f919fba765edeccee9849c891c324e846126086d61b96
90d0b38af88ed18ca1ebf7c2d05b1f390027bb49dc04a9f996856366602bdca2
97885924f45fa14a315c54584cf667319b141ee9373c3f54e4368b7a49773e66
9808efbc774864388890e08fd013ecaa22ee206592396268dbb835cc418c2a2e
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ab7504976e57374a4a20eb33006c4f30a5b08d3ca5ff93426d81394b2f1d5052
ae7af88fff94ade13d5fb9cfa5581da810968e43e4848aa77838cea2d66308df
b575fa43c57544b91ce34b76fe521c63075dd7db5684dd6b9b509e211f019f96
bbcda486180500c3bf70f1d7e9f7501cd7e64cf86dbcb2cbd6151f3dc9c57397
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c36dcc9994cc97d5205383c535cf580e8a652a25226904314950439d73ebf7b2
c5773ded80b1cb4188e72660b30a04badece1e271462f3e8cc86957e0f2eb3bf
ccc81f1eeed45fd8c34cf918cdda1896db8d5ea380a888684ae35d771a1f8b88
cf223ed9b706a6538d88d6d5697234ac6aeeb1f3f4eff168e90a611a00859e73
d346801abbf9bb4e9e9a055239053d4ab5596514304f601a6c70604187acb744
d3f7b0ec4de079928a999641e781e80f33597a392a561bc460276dfb4efb6eec
dc170d84cff81a31814b4f3debbc27bdda77a2b295000c32e2984026a89e84d1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f5635ee475f40820886d4ac1fd0ccdde1c8de7c5efa8efb07e3ca67803fb5e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17a6f36cd7e58994ef8d1e9e07d0ed269709c1d042931703ea7b2feb41b0ce5