URL: http://visionautoagency.co.za/365/
Submission: On January 07 via manual from US — Scanned from US

Summary

This website contacted 12 IPs in 2 countries across 9 domains to perform 21 HTTP transactions. The main IP is 156.38.200.58, located in Johannesburg, South Africa and belongs to xneelo, ZA. The main domain is visionautoagency.co.za.
This is the only time visionautoagency.co.za was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS (Autonomous System)
1 | 156.38.200.58 | 37153 (xneelo)
6 | 38.123.14.11 | 398494 (AS-RM-817)
1 | 35.238.7.255 | 15169 (GOOGLE)
1 | 2607:f8b0:400... | 15169 (GOOGLE)
1 | 143.204.150.21 | 16509 (AMAZON-02)
1 | 99.84.42.3 | 16509 (AMAZON-02)
1 | 2607:f8b0:400... | 15169 (GOOGLE)
2 | 2607:f8b0:400... | 15169 (GOOGLE)
2 | 99.84.125.109 | 16509 (AMAZON-02)
1 | 13.33.46.23 | 16509 (AMAZON-02) (1 redirect)
3 | 13.33.46.33 | 16509 (AMAZON-02)
2 | 75.2.88.188 | 16509 (AMAZON-02)
Total: 21 requests, 12 IPs
Requests | Apex Domain | Subdomains | Transfer
6 | ruoff.com | loanbutler.ruoff.com | 218 KB
4 | upscope.io | code.upscope.io (Cisco Umbrella Rank: 29317); js.upscope.io (Cisco Umbrella Rank: 47545); storage.upscope.io (Cisco Umbrella Rank: 42082) | 115 KB
3 | intercomcdn.com | js.intercomcdn.com (Cisco Umbrella Rank: 2178) | 124 KB
3 | intercom.io | widget.intercom.io (Cisco Umbrella Rank: 2169); api-iam.intercom.io (Cisco Umbrella Rank: 2586) | 6 KB
2 | gstatic.com | fonts.gstatic.com | 34 KB
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 37) | 2 KB
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 62) | 52 KB
1 | jivesoftware.com | www.jivesoftware.com (Cisco Umbrella Rank: 934034) | 12 KB
1 | visionautoagency.co.za | visionautoagency.co.za | 3 KB
Total: 21 requests, 9 apex domains
Requests | Domain | Requested by
6 | loanbutler.ruoff.com | visionautoagency.co.za; loanbutler.ruoff.com
3 | js.intercomcdn.com | widget.intercom.io
2 | api-iam.intercom.io | js.intercomcdn.com
2 | storage.upscope.io | js.upscope.io; storage.upscope.io
2 | fonts.gstatic.com | fonts.googleapis.com
1 | widget.intercom.io | (1 redirect)
1 | fonts.googleapis.com | loanbutler.ruoff.com
1 | js.upscope.io | code.upscope.io
1 | code.upscope.io | visionautoagency.co.za
1 | www.googletagmanager.com | visionautoagency.co.za
1 | www.jivesoftware.com | visionautoagency.co.za
1 | visionautoagency.co.za | (primary request)
Total: 21 requests, 12 domains

This site contains links to these domains.

Domain
www.hud.gov
www.consumerfinance.gov
upscope.io
Subject | Issuer | Validity | Valid
*.ruoff.com | DigiCert TLS RSA SHA256 2020 CA1 | 2021-10-06 to 2022-11-06 | a year
www.jivesoftware.com | R3 | 2021-11-25 to 2022-02-23 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2021-11-29 to 2022-02-21 | 3 months
upscope.io | Amazon | 2020-12-23 to 2022-01-21 | a year
upload.video.google.com | GTS CA 1C3 | 2021-11-29 to 2022-02-21 | 3 months
*.gstatic.com | GTS CA 1C3 | 2021-11-29 to 2022-02-21 | 3 months
*.intercomcdn.com | Amazon | 2021-03-01 to 2022-03-30 | a year
*.intercom.com | Amazon | 2021-04-15 to 2022-05-14 | a year

This page contains 3 frames:

Primary Page: http://visionautoagency.co.za/365/
Frame ID: 664341F9C9F203CE09428AAE5461BC02
Requests: 16 HTTP requests in this frame

Frame: https://storage.upscope.io/
Frame ID: 0E142FE144CE148DCDB45E39972E2CEB
Requests: 2 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.ff67e11f.js
Frame ID: 8C4A9473ECD1071CF279C16BFA29EF66
Requests: 4 HTTP requests in this frame

Page Title

Sign In | Office365

Detected technologies

WordPress (overall confidence: 100%)
Detected patterns
  • /wp-(?:content|includes)/

Google Tag Manager (overall confidence: 100%)
Detected patterns
  • googletagmanager\.com/gtm\.js

Page Statistics

Requests: 21
HTTPS: 90 %
IPv6: 25 %
Domains: 9
Subdomains: 12
IPs: 12
Countries: 2
Transfer: 564 kB
Size: 1699 kB
Cookies: 5

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://widget.intercom.io/widget/gxf7jfdq HTTP 302
  • https://js.intercomcdn.com/shim.latest.js

21 HTTP transactions

Columns per transaction: Resource | Path | Size | x-fer | Type | MIME-Type
Resource: / (Primary Request) | Path: visionautoagency.co.za/365/ | Size: 8 KB | x-fer: 3 KB | Type: Document
General
Full URL
http://visionautoagency.co.za/365/
Protocol
HTTP/1.1
Server
156.38.200.58, Johannesburg, South Africa, ASN37153 (xneelo, ZA)
Reverse DNS
hera.thishost.co.za
Software
LiteSpeed /
Resource Hash
6ed30b6da87b46f28daf0e810f41e5e0f30897e9de91c664efb8c0f29ac84ec9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
content-type
text/html
last-modified
Wed, 05 Jan 2022 22:05:46 GMT
accept-ranges
bytes
content-encoding
gzip
vary
Accept-Encoding
content-length
2418
date
Fri, 07 Jan 2022 21:22:21 GMT
server
LiteSpeed
Resource: all.css | Path: loanbutler.ruoff.com/Fonts/ | Size: 221 KB | x-fer: 34 KB | Type: Stylesheet
General
Full URL
https://loanbutler.ruoff.com/Fonts/all.css
Requested by
Host: visionautoagency.co.za
URL: http://visionautoagency.co.za/365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.123.14.11, United States, ASN398494 (AS-RM-817, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a83536fbf9866d2c2fd1c4028ba5a79ad4f5f367c15f685709e9882ca4a3e182
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Tue, 27 Apr 2021 01:17:04 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"0e83e833bd71:0"
vary
Accept-Encoding
content-type
text/css
date
Fri, 07 Jan 2022 21:22:18 GMT
accept-ranges
bytes
content-length
34403
Resource: global.16ec977c0c92c94c7395.css | Path: loanbutler.ruoff.com/Build/ | Size: 19 KB | x-fer: 4 KB | Type: Stylesheet
General
Full URL
https://loanbutler.ruoff.com/Build/global.16ec977c0c92c94c7395.css
Requested by
Host: visionautoagency.co.za
URL: http://visionautoagency.co.za/365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.123.14.11, United States, ASN398494 (AS-RM-817, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
6c0782da30d11c872912aaffb2b9d71fe1485dadc1fae19acd6d0ddacc062c6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 20:40:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"033a8fc61fbd71:0"
vary
Accept-Encoding
content-type
text/css
date
Fri, 07 Jan 2022 21:22:18 GMT
accept-ranges
bytes
content-length
4058
Resource: externalPages.16ec977c0c92c94c7395.css | Path: loanbutler.ruoff.com/Build/ | Size: 5 KB | x-fer: 1 KB | Type: Stylesheet
General
Full URL
https://loanbutler.ruoff.com/Build/externalPages.16ec977c0c92c94c7395.css
Requested by
Host: visionautoagency.co.za
URL: http://visionautoagency.co.za/365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.123.14.11, United States, ASN398494 (AS-RM-817, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
7c681d8cd5a4ffea33d70967eda0d3c80c92f999915a743e0edb1410d6cf0d75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 20:40:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"033a8fc61fbd71:0"
vary
Accept-Encoding
content-type
text/css
date
Fri, 07 Jan 2022 21:22:18 GMT
accept-ranges
bytes
content-length
1113
Resource: Office365-White.png | Path: www.jivesoftware.com/wp-content/uploads/Logos/ | Size: 12 KB | x-fer: 12 KB | Type: Image
General
Full URL
https://www.jivesoftware.com/wp-content/uploads/Logos/Office365-White.png
Requested by
Host: visionautoagency.co.za
URL: http://visionautoagency.co.za/365/
Protocol
H2
Security
TLS 1.3, AES_256_GCM
Server
35.238.7.255, Council Bluffs, United States, ASN15169 (GOOGLE, US)
Reverse DNS
255.7.238.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
8868b270949b75040fb4e67b93bf7cbabf667ea8b92bb79bd73c99e8ede1d9e8

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:22:22 GMT
last-modified
Mon, 18 Oct 2021 07:15:28 GMT
server
nginx
etag
"616d1f10-2e87"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
11911
Resource: global.16ec977c0c92c94c7395.js | Path: loanbutler.ruoff.com/Build/ | Size: 267 KB | x-fer: 85 KB | Type: Script
General
Full URL
https://loanbutler.ruoff.com/Build/global.16ec977c0c92c94c7395.js
Requested by
Host: visionautoagency.co.za
URL: http://visionautoagency.co.za/365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.123.14.11, United States, ASN398494 (AS-RM-817, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e0dbf418f857726a473d32320da6bd0a6e809e6b5f5ad89b8483bfce63ac4480
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 20:40:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"033a8fc61fbd71:0"
vary
Accept-Encoding
content-type
application/javascript
date
Fri, 07 Jan 2022 21:22:18 GMT
accept-ranges
bytes
content-length
87353
Resource: externalPages.16ec977c0c92c94c7395.js | Path: loanbutler.ruoff.com/Build/ | Size: 6 KB | x-fer: 2 KB | Type: Script
General
Full URL
https://loanbutler.ruoff.com/Build/externalPages.16ec977c0c92c94c7395.js
Requested by
Host: visionautoagency.co.za
URL: http://visionautoagency.co.za/365/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.123.14.11, United States, ASN398494 (AS-RM-817, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4c59f29ce920e580fa4a8222ac56b7fabd4fde5ebb6d1403a24fe4b0116f7446
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
last-modified
Mon, 27 Dec 2021 20:40:30 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"033a8fc61fbd71:0"
vary
Accept-Encoding
content-type
application/javascript
date
Fri, 07 Jan 2022 21:22:18 GMT
accept-ranges
bytes
content-length
1633
Resource: gtm.js | Path: www.googletagmanager.com/ | Size: 146 KB | x-fer: 52 KB | Type: Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-W6RVTS8
Requested by
Host: visionautoagency.co.za
URL: http://visionautoagency.co.za/365/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2607:f8b0:4006:81d::2008, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
Google Tag Manager /
Resource Hash
11a381035e1f7cb4bf1f40185463f6797c14205fd9df468e943e8d889790d366
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:22:22 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52377
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 21:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 07 Jan 2022 21:22:22 GMT
Resource: avsbAiyoZ9.js | Path: code.upscope.io/ | Size: 1 KB | x-fer: 887 B | Type: Script
General
Full URL
https://code.upscope.io/avsbAiyoZ9.js
Requested by
Host: visionautoagency.co.za
URL: http://visionautoagency.co.za/365/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
143.204.150.21, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-143-204-150-21.ewr52.r.cloudfront.net
Software
/
Resource Hash
c2fc7acf42e9a63fcfdad823fb69c28941d98db1f649be49112394adf4cbbcce

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:21:38 GMT
via
1.1 4c4a56815dfe3e256aedb11d486092f0.cloudfront.net (CloudFront)
age
44
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=60,public
x-amz-cf-pop
EWR52-C2
content-encoding
gzip
x-amz-cf-id
q8XiT2_vjfPdPodE8AUmDM2ZJnhtVr0lfvuoyGQJlvQusV98FXeHdA==
Resource: upscope-1.16.122.js | Path: js.upscope.io/ | Size: 398 KB | x-fer: 111 KB | Type: Script
General
Full URL
https://js.upscope.io/upscope-1.16.122.js
Requested by
Host: code.upscope.io
URL: https://code.upscope.io/avsbAiyoZ9.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
99.84.42.3, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-99-84-42-3.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
76484e3074a86083c54c7be120d75404c9ebdbc46fa976ba02499aa3ff48f6c7

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:21:25 GMT
content-encoding
gzip
last-modified
Thu, 23 Dec 2021 10:15:43 GMT
server
AmazonS3
age
78
etag
W/"3965b3f799b59cd1887192e9393531ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 a0845df335efaa79f84feeb1d7861c1a.cloudfront.net (CloudFront)
cache-control
max-age=864000,public
x-amz-cf-pop
EWR52-C4
x-amz-cf-id
xxp0Dc0aMyVBDTm6cOEbPOoRbVOXniJ1MAoHkYo8eniMnOYU-cSk1w==
Resource: css2 | Path: fonts.googleapis.com/ | Size: 24 KB | x-fer: 2 KB | Type: Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Requested by
Host: loanbutler.ruoff.com
URL: https://loanbutler.ruoff.com/Build/global.16ec977c0c92c94c7395.css
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2607:f8b0:4006:81e::200a, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
ESF /
Resource Hash
545541fcd585d293cb9f3f93c334978c9339ac9612bfef7a89a39c40fcf64a8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://loanbutler.ruoff.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 07 Jan 2022 20:41:17 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 07 Jan 2022 21:22:22 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 07 Jan 2022 21:22:22 GMT
Resource: externalPage_bg.jpg | Path: loanbutler.ruoff.com/Images/ | Size: 91 KB | x-fer: 91 KB | Type: Image
General
Full URL
https://loanbutler.ruoff.com/Images/externalPage_bg.jpg
Requested by
Host: loanbutler.ruoff.com
URL: https://loanbutler.ruoff.com/Build/externalPages.16ec977c0c92c94c7395.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
38.123.14.11, United States, ASN398494 (AS-RM-817, US)
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8edd2ca9153a75ef4fea5d1a7f6db8e95007ca72aee94b3cc52b8947bc041862
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://loanbutler.ruoff.com/Build/externalPages.16ec977c0c92c94c7395.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
last-modified
Tue, 06 Oct 2020 02:09:50 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
etag
"55b9a6c5859bd61:0"
content-type
image/jpeg
date
Fri, 07 Jan 2022 21:22:18 GMT
accept-ranges
bytes
content-length
93551
Resource: pe0qMImSLYBIv1o4X1M8cce9I9s.woff2 | Path: fonts.gstatic.com/s/nunitosans/v8/ | Size: 16 KB | x-fer: 17 KB | Type: Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v8/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2607:f8b0:4006:80c::2003, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://visionautoagency.co.za
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Sat, 01 Jan 2022 22:28:23 GMT
x-content-type-options
nosniff
age
514439
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16840
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:18:54 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sun, 01 Jan 2023 22:28:23 GMT
Resource: pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2 | Path: fonts.gstatic.com/s/nunitosans/v8/ | Size: 17 KB | x-fer: 17 KB | Type: Font
General
Full URL
https://fonts.gstatic.com/s/nunitosans/v8/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
2607:f8b0:4006:80c::2003, United States, ASN15169 (GOOGLE, US)
Reverse DNS
Software
sffe /
Resource Hash
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
http://visionautoagency.co.za
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Tue, 04 Jan 2022 16:21:03 GMT
x-content-type-options
nosniff
age
277279
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17108
x-xss-protection
0
last-modified
Thu, 16 Sep 2021 18:12:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 04 Jan 2023 16:21:03 GMT
Resource: / | Path: storage.upscope.io/ (Frame 0E14) | Size: 144 B | x-fer: 484 B | Type: Document
General
Full URL
https://storage.upscope.io/
Requested by
Host: js.upscope.io
URL: https://js.upscope.io/upscope-1.16.122.js
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
99.84.125.109, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-99-84-125-109.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9109fae327de715d87d419af28e413c5bb200f6df4ea4e4209df3760ff4c2e6e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/

Response headers

content-type
text/html; charset=utf-8
content-length
144
last-modified
Wed, 03 Apr 2019 12:55:34 GMT
server
AmazonS3
date
Fri, 07 Jan 2022 21:22:22 GMT
cache-control
max-age=86400,public
etag
"cf52da00fc63e7f9594f6d35421c4077"
x-cache
Hit from cloudfront
via
1.1 46b177c3d09733bd56d354391fb7400d.cloudfront.net (CloudFront)
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
1kLDMpqwI4mdeI2OkHGj5uH7Bfw0UYu2s79p80cnOgF1xx9Fi6XOzw==
Resource: index.js | Path: storage.upscope.io/ (Frame 0E14) | Size: 7 KB | x-fer: 3 KB | Type: Script
General
Full URL
https://storage.upscope.io/index.js?1.0.0
Requested by
Host: storage.upscope.io
URL: https://storage.upscope.io/
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
99.84.125.109, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-99-84-125-109.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
affd80fcc83394184d3b6e5f87c46e65550d9f40a31306fb6944059a5ab1fb69

Request headers

Accept-Language
en-US,en;q=0.9
Referer
https://storage.upscope.io/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date
Fri, 07 Jan 2022 21:21:27 GMT
content-encoding
gzip
last-modified
Wed, 03 Apr 2019 12:55:32 GMT
server
AmazonS3
age
56
etag
W/"ab8ec51d462e347c6da7020b37af04bc"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 46b177c3d09733bd56d354391fb7400d.cloudfront.net (CloudFront)
cache-control
max-age=2592000,public
x-amz-cf-pop
EWR52-C3
x-amz-cf-id
wcackKystroqhkPJxcwBXwM1SEEiUPLpHqZTBegwn_V-32TF7-wNEQ==
Resource: shim.latest.js | Path: js.intercomcdn.com/ | Size: 18 KB | x-fer: 6 KB | Type: Script
Redirect Chain
  • https://widget.intercom.io/widget/gxf7jfdq
  • https://js.intercomcdn.com/shim.latest.js
General
Full URL
https://js.intercomcdn.com/shim.latest.js
Protocol
H2
Server
13.33.46.33, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-33-46-33.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7ca36db30e99d1e5e61709290b716071cafeef2a01bdcbf8150b33bc5c1652

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 07 Jan 2022 21:18:34 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 12:13:29 GMT
server
AmazonS3
age
229
etag
"76f647aacfbb803514f8b76389d6e56d"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d58537e312a32f11086af17e2a952efc.cloudfront.net (CloudFront)
cache-control
max-age=300, s-maxage=300, public
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
6064
x-amz-cf-id
gykLYgDjPrCvd4QKRQQ8A9Afd2wBcCq99S5XHjG-UuEPMqHvHJdKFg==

Redirect headers

date
Fri, 07 Jan 2022 03:34:31 GMT
via
1.1 215207bc7fb93e55e70ed5107d9c8948.cloudfront.net (CloudFront)
server
AmazonS3
age
64072
x-cache
Hit from cloudfront
location
https://js.intercomcdn.com/shim.latest.js
x-amz-cf-pop
EWR52-C1
content-length
0
x-amz-cf-id
F1OBwf4gXSh5W_DusNNiXp_PllLoS-kOLfPvzA7yhqjAd4TNrnii6w==
Resource: frame-modern.ff67e11f.js | Path: js.intercomcdn.com/ (Frame 8C4A) | Size: 294 KB | x-fer: 79 KB | Type: Script
General
Full URL
https://js.intercomcdn.com/frame-modern.ff67e11f.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gxf7jfdq
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.33.46.33, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-33-46-33.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d57ba0742a9d499242c5d045926d1338718bd7828625705e3943dd3edc8bde3e

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 07 Jan 2022 20:13:35 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 12:12:29 GMT
server
AmazonS3
age
4128
etag
"882eb061e13a83d8e662a664e9dcd7a7"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d58537e312a32f11086af17e2a952efc.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
80186
x-amz-cf-id
zjNTMRTKDoR9P6XqNKZu4AXCiUDNPJEMibwAkukwH-1WTn5XjOcCYg==
Resource: vendor-modern.aed2a635.js | Path: js.intercomcdn.com/ (Frame 8C4A) | Size: 125 KB | x-fer: 39 KB | Type: Script
General
Full URL
https://js.intercomcdn.com/vendor-modern.aed2a635.js
Requested by
Host: widget.intercom.io
URL: https://widget.intercom.io/widget/gxf7jfdq
Protocol
H2
Security
TLS 1.3, AES_128_GCM
Server
13.33.46.33, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
server-13-33-46-33.ewr52.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d813849669b73ae248b4799780675c66b93ac67bc9d5bcab4404f52ff9b768ee

Request headers

Accept-Language
en-US,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Fri, 07 Jan 2022 20:03:09 GMT
content-encoding
gzip
last-modified
Fri, 07 Jan 2022 12:12:29 GMT
server
AmazonS3
age
4754
etag
"54ae25b5f120a40657e92e7e493e2cf6"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
via
1.1 d58537e312a32f11086af17e2a952efc.cloudfront.net (CloudFront)
cache-control
max-age=31536000, s-maxage=7200, public
x-amz-cf-pop
EWR52-C1
accept-ranges
bytes
content-length
39073
x-amz-cf-id
a7r-8yazpjr1bJ4erSM_azthIvlCOsBxNEq9isuPQSBYFM8MGF3nsw==
Resource: ping | Path: api-iam.intercom.io/messenger/web/ (Frame 8C4A) | Size: 13 KB | x-fer: 3 KB | Type: XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ff67e11f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
a62133357d22c85ff6c94fe598a2973dbacd99cadd0c6d34f7f0fe52645b0d35
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 07 Jan 2022 21:22:23 GMT
content-encoding
gzip
x-ami-version
ami-0d3809ab3b0295ce7
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
000bf3u2sj40tasqamqg
x-runtime
0.362756
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"a62133357d22c85ff6c94fe598a2973d"
x-ratelimit-remaining
13329
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://visionautoagency.co.za
x-intercom-version
9f9921a9f7559e488d3a17095e43a360932d6b1d
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1641590550
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
Resource: ping | Path: api-iam.intercom.io/messenger/web/ (Frame 8C4A) | Size: 13 KB | x-fer: 3 KB | Type: XHR
General
Full URL
https://api-iam.intercom.io/messenger/web/ping
Requested by
Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.ff67e11f.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
75.2.88.188, United States, ASN16509 (AMAZON-02, US)
Reverse DNS
ad8b87a22ce463223.awsglobalaccelerator.com
Software
nginx /
Resource Hash
ff388cb410b7d445d5b853dc025c268be74f354bdf90a9d67dcde6ba9ca99b87
Security Headers
Name Value
Strict-Transport-Security max-age=31556952; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
Accept-Language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Fri, 07 Jan 2022 21:22:24 GMT
content-encoding
gzip
x-ami-version
ami-0d3809ab3b0295ce7
status
200 OK
strict-transport-security
max-age=31556952; includeSubDomains; preload
vary
Accept,Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
00076nmtp85qqkhibrh0
x-runtime
0.295119
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"ff388cb410b7d445d5b853dc025c268b"
x-ratelimit-remaining
13328
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
http://visionautoagency.co.za
x-intercom-version
9f9921a9f7559e488d3a17095e43a360932d6b1d
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-ratelimit-reset
1641590550
x-ratelimit-limit
13333
access-control-allow-headers
Content-Type
x-content-type-options
nosniff
Resource: truncated (data: URI) | Path: / | Size: 494 B | x-fer: 0 | Type: Image
General
Full URL
data:truncated
Protocol
DATA
Server
- (inline data: URI, no server)
Reverse DNS
Software
/
Resource Hash
f1a7af658e84419f3dd79920ef1f2f52a5f692ded2d6788609335adf3f42e70f

Request headers

Accept-Language
en-US,en;q=0.9
Referer
http://visionautoagency.co.za/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

  • 0 (object)
  • 1 (object)
  • onsecuritypolicyviolation (object)
  • onslotchange (object)
  • dataLayer (object)
  • Upscope (function)
  • scriptUrl (string)
  • google_tag_manager (object)
  • __core-js_shared__ (object)
  • core (object)
  • setImmediate (function)
  • clearImmediate (function)
  • regeneratorRuntime (object)
  • _babelPolyfill (boolean)
  • FontAwesomeConfig (object)
  • ___FONT_AWESOME___ (object)
  • Intercom (function)
  • __upscopeIdleManagerActive (boolean)
  • __intercomAssignLocation (function)

5 Cookies

Domain/Path | Name | Value
.visionautoagency.co.za/365 | __apex_test__ | (empty)
.visionautoagency.co.za/ | _upscope__region | InVzLWVhc3Qi
.visionautoagency.co.za/ | intercom-id-gxf7jfdq | a60fc241-d212-4e7b-b94a-9b67f8079912
.visionautoagency.co.za/ | intercom-session-gxf7jfdq | (empty)
.visionautoagency.co.za/ | _upscope__shortId | IkhMUEdFRDYwR0tZQVlTUUxTIg==

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
code.upscope.io
fonts.googleapis.com
fonts.gstatic.com
js.intercomcdn.com
js.upscope.io
loanbutler.ruoff.com
storage.upscope.io
visionautoagency.co.za
widget.intercom.io
www.googletagmanager.com
www.jivesoftware.com
13.33.46.23
13.33.46.33
143.204.150.21
156.38.200.58
2607:f8b0:4006:80c::2003
2607:f8b0:4006:81d::2008
2607:f8b0:4006:81e::200a
35.238.7.255
38.123.14.11
75.2.88.188
99.84.125.109
99.84.42.3
0b125629b135235aea4609c07048a5a7671a9058910b632db5d69a0d09339ed4
11a381035e1f7cb4bf1f40185463f6797c14205fd9df468e943e8d889790d366
3b7ca36db30e99d1e5e61709290b716071cafeef2a01bdcbf8150b33bc5c1652
4c59f29ce920e580fa4a8222ac56b7fabd4fde5ebb6d1403a24fe4b0116f7446
545541fcd585d293cb9f3f93c334978c9339ac9612bfef7a89a39c40fcf64a8e
6c0782da30d11c872912aaffb2b9d71fe1485dadc1fae19acd6d0ddacc062c6c
6ed30b6da87b46f28daf0e810f41e5e0f30897e9de91c664efb8c0f29ac84ec9
76484e3074a86083c54c7be120d75404c9ebdbc46fa976ba02499aa3ff48f6c7
7c681d8cd5a4ffea33d70967eda0d3c80c92f999915a743e0edb1410d6cf0d75
8868b270949b75040fb4e67b93bf7cbabf667ea8b92bb79bd73c99e8ede1d9e8
8edd2ca9153a75ef4fea5d1a7f6db8e95007ca72aee94b3cc52b8947bc041862
9109fae327de715d87d419af28e413c5bb200f6df4ea4e4209df3760ff4c2e6e
a62133357d22c85ff6c94fe598a2973dbacd99cadd0c6d34f7f0fe52645b0d35
a83536fbf9866d2c2fd1c4028ba5a79ad4f5f367c15f685709e9882ca4a3e182
abf55d853f3bbe3a244ea8f3b8ed9b4127f028a096fefc942020a3605433d99a
affd80fcc83394184d3b6e5f87c46e65550d9f40a31306fb6944059a5ab1fb69
c2fc7acf42e9a63fcfdad823fb69c28941d98db1f649be49112394adf4cbbcce
d57ba0742a9d499242c5d045926d1338718bd7828625705e3943dd3edc8bde3e
d813849669b73ae248b4799780675c66b93ac67bc9d5bcab4404f52ff9b768ee
e0dbf418f857726a473d32320da6bd0a6e809e6b5f5ad89b8483bfce63ac4480
f1a7af658e84419f3dd79920ef1f2f52a5f692ded2d6788609335adf3f42e70f
ff388cb410b7d445d5b853dc025c268be74f354bdf90a9d67dcde6ba9ca99b87