www.skateprogression.com
Open in
urlscan Pro
2606:4700:3035::681b:b377
Malicious Activity!
Public Scan
URL:
https://www.skateprogression.com/FedEx%20Edit/address.php
Submission: On April 26 via automatic, source openphish
Submission: On April 26 via automatic, source openphish
Summary
This website contacted 12 IPs
in 5 countries
across 11 domains to perform 69 HTTP transactions.
The main IP is 2606:4700:3035::681b:b377, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is www.skateprogression.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 14th 2020. Valid for: 8 months.
This is the only time www.skateprogression.com was scanned on urlscan.io!
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 14th 2020. Valid for: 8 months.
This is the only time www.skateprogression.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fedex (Transportation)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 44 | 2606:4700:303... 2606:4700:3035::681b:b377 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 2 | 18.202.93.59 18.202.93.59 | 16509 (AMAZON-02) (AMAZON-02) | |
| 5 | 2a02:26f0:10c... 2a02:26f0:10c:382::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 3.218.101.146 3.218.101.146 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 172.217.18.166 172.217.18.166 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 2a02:26f0:6c0... 2a02:26f0:6c00:19d::2070 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 1 | 66.117.29.3 66.117.29.3 | 15224 (OMNITURE) (OMNITURE) | |
| 1 | 2a02:26f0:10c... 2a02:26f0:10c:38c::11e2 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 2 | 35.181.91.36 35.181.91.36 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 192.135.86.138 192.135.86.138 | 17144 (NUANCE-NOD) (NUANCE-NOD) | |
| 1 | 34.243.44.116 34.243.44.116 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 151.101.14.27 151.101.14.27 | 54113 (FASTLY) (FASTLY) | |
| 69 | 12 |
2
18.202.93.59
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-93-59.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-93-59.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
3.218.101.146
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-101-146.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-218-101-146.compute-1.amazonaws.com
| ws.sessioncam.com |
1
172.217.18.166
(United States)
ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra15s29-in-f6.1e100.net
| fls.doubleclick.net |
2
35.181.91.36
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-91-36.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-91-36.eu-west-3.compute.amazonaws.com
| smetrics.fedex.com |
1
34.243.44.116
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-44-116.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-44-116.eu-west-1.compute.amazonaws.com
| fedex.demdex.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 44 |
skateprogression.com
www.skateprogression.com |
2 MB |
| 6 |
fedex.com
www.fedex.com smetrics.fedex.com |
14 KB |
| 5 |
adobedtm.com
assets.adobedtm.com |
92 KB |
| 3 |
ooyala.com
player.ooyala.com |
160 KB |
| 3 |
demdex.net
1 redirects
dpm.demdex.net fedex.demdex.net |
2 KB |
| 1 |
nuance-va.com
agent.nuance-va.com |
150 B |
| 1 |
adobe.com
cimage.adobe.com |
353 B |
| 1 |
omtrdc.net
1 redirects
fedex.tt.omtrdc.net |
426 B |
| 1 |
doubleclick.net
fls.doubleclick.net |
716 B |
| 1 |
sessioncam.com
ws.sessioncam.com |
|
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 69 | 11 |
| Domain | Requested by | |
|---|---|---|
| 44 | www.skateprogression.com |
www.skateprogression.com
|
| 5 | assets.adobedtm.com |
www.skateprogression.com
|
| 4 | www.fedex.com |
www.skateprogression.com
|
| 3 | player.ooyala.com |
www.skateprogression.com
player.ooyala.com |
| 2 | smetrics.fedex.com |
www.skateprogression.com
|
| 2 | dpm.demdex.net |
1 redirects
www.skateprogression.com
|
| 1 | fedex.demdex.net |
www.skateprogression.com
|
| 1 | agent.nuance-va.com |
www.skateprogression.com
|
| 1 | cimage.adobe.com |
www.skateprogression.com
|
| 1 | fedex.tt.omtrdc.net | 1 redirects |
| 1 | fls.doubleclick.net |
www.skateprogression.com
|
| 1 | ws.sessioncam.com |
www.skateprogression.com
|
| 0 | kajfghlhfkcocafkcjlajldicbikpgnp Failed |
www.skateprogression.com
|
| 69 | 13 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.fedex.com |
| getrewards.fedex.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-02-14 - 2020-10-09 |
8 months | crt.sh |
| *.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
| assets.adobedtm.com DigiCert SHA2 High Assurance Server CA |
2019-10-22 - 2021-10-01 |
2 years | crt.sh |
| ws.sessioncam.com Amazon |
2020-04-16 - 2021-05-16 |
a year | crt.sh |
| *.doubleclick.net GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
| www.fedex.com GeoTrust RSA CA 2018 |
2019-10-10 - 2020-12-08 |
a year | crt.sh |
| *.adobe.com DigiCert SHA2 Secure Server CA |
2020-01-24 - 2021-02-22 |
a year | crt.sh |
| smetrics.fedex.com DigiCert Global CA G2 |
2019-08-01 - 2021-10-14 |
2 years | crt.sh |
| *.nuance-va.com DigiCert Global CA G2 |
2018-01-03 - 2021-01-03 |
3 years | crt.sh |
| brightcove.com GlobalSign CloudSSL CA - SHA256 - G3 |
2020-04-19 - 2021-04-20 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.skateprogression.com/FedEx%20Edit/address.php
Frame ID: 0DFEF7C3A73DEBEEB28BFBAA3171CF7C
Requests: 55 HTTP requests in this frame
Frame:
https://www.skateprogression.com/FedEx%20Edit/files/activityi.html
Frame ID: 9014C7380A79E87D076A63C4BDA2A67C
Requests: 4 HTTP requests in this frame
Frame:
https://www.skateprogression.com/FedEx%20Edit/files/saved_resource.html
Frame ID: 0B921A83551E23083CBD273A5896B55C
Requests: 4 HTTP requests in this frame
Frame:
https://www.skateprogression.com/FedEx%20Edit/files/saved_resource(1).html
Frame ID: 21EB3C7D64C7F06096F69D49B953FC1B
Requests: 4 HTTP requests in this frame
Frame:
https://fedex.demdex.net/dest5.html?d_nsid=0
Frame ID: FCFC858B57490C3BAC44AAB15B016E64
Requests: 1 HTTP requests in this frame
Frame:
https://player.ooyala.com/ooyala_storage.html
Frame ID: 11825864F5F1851DD70BF224EBFEAD82
Requests: 1 HTTP requests in this frame
Screenshot
Detected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc\/clientlibs\//i
- script /\/etc.clientlibs\//i
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- url /\.php(?:$|\?)/i
Java
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc\/clientlibs\//i
- script /\/etc.clientlibs\//i
Adobe DTM
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/assets.adobedtm.com\//i
CloudFlare
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^cloudflare$/i
DoubleClick Floodlight
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /https?:\/\/fls\.doubleclick\.net/i
SiteCatalyst
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/s[_-]code.*\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
7 Outgoing links
These are links going to different origins than the main page.
URL: https://www.fedex.com/en-us/home.html
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.fedex.com/en-us/home.html
Title: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Your IP address (2a01:4f8:192:5414::2) have been logged for security purposes.
Title: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Your IP address (2a01:4f8:192:5414::2) have been logged for security purposes.
Search URL Search Domain Scan URL
URL: https://getrewards.fedex.com/
Title: Rewards
Title: Rewards
Search URL Search Domain Scan URL
URL: https://www.fedex.com/us/fcl/pckgenvlp/insight/
Title: Insight
Title: Insight
Search URL Search Domain Scan URL
URL: https://www.fedex.com/en-us/customer-support/claims.html
Title: Claims
Title: Claims
Search URL Search Domain Scan URL
URL: https://www.fedex.com/en-us/quick-help/sm_history.html
Title: Shipping History
Title: Shipping History
Search URL Search Domain Scan URL
URL: https://www.fedex.com/en-us/billing-online.html
Title: Billing
Title: Billing
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 24- https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E22171B520E93BF0A490D44%40AdobeOrg&d_nsid=0&ts=1587904631463 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E22171B520E93BF0A490D44%40AdobeOrg&d_nsid=0&ts=1587904631463
- https://fedex.tt.omtrdc.net/m2/fedex/ubox/image?mbox=3rdPartySet&mboxHost=www.skateprogression.com&mboxDefault=https://cimage.adobe.com/onepixel.gif&mboxXDomain=enabled&mboxSession=077e7bb9993d42b0a19fc2657f5fda8f&profile.thirdPartyCookieSet=true&mboxPC=077e7bb9993d42b0a19fc2657f5fda8f.26_15 HTTP 302
- https://cimage.adobe.com/onepixel.gif
69 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
address.php
www.skateprogression.com/FedEx%20Edit/ |
45 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rolka.gif
www.skateprogression.com/html/skateprogression.com/img/ |
338 KB 338 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
catcher.js
kajfghlhfkcocafkcjlajldicbikpgnp/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s93591262351213
www.skateprogression.com/FedEx%20Edit/files/ |
3 KB 3 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f.txt
www.skateprogression.com/FedEx%20Edit/files/ |
40 B 298 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.fb50358df4c2bd6aa6e1dd5b0d9b9d29.js
www.skateprogression.com/FedEx%20Edit/files/ |
111 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homepage.min.452bb7966cffb2be804335129d53287d.css
www.skateprogression.com/FedEx%20Edit/files/ |
438 KB 59 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
secureCheck.min.42010d584c990b029ec1fef9052d4f79.js
www.skateprogression.com/FedEx%20Edit/files/ |
3 KB 1014 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
www.skateprogression.com/FedEx%20Edit/files/ |
142 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mbox-contents-8d4600b0866454fd3a244faee455cca08c786d12.js
www.skateprogression.com/FedEx%20Edit/files/ |
72 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
33af3c9a
www.skateprogression.com/FedEx%20Edit/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sessioncam.recorder.js
www.skateprogression.com/FedEx%20Edit/files/ |
273 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s-code-contents-b3d5275fdca06ca6e2c6721104ca42cc1f30a2f4.js
www.skateprogression.com/FedEx%20Edit/files/ |
189 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-5959e13664746d6f1a0106eb.js
www.skateprogression.com/FedEx%20Edit/files/ |
1 KB 742 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-594bfa3264746d3fce00d53a.js
www.skateprogression.com/FedEx%20Edit/files/ |
1 KB 616 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
virtualagent-us.min.css
www.skateprogression.com/FedEx%20Edit/files/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
virtualagent.min.js
www.skateprogression.com/FedEx%20Edit/files/ |
275 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config.aspx
www.skateprogression.com/FedEx%20Edit/files/ |
145 B 322 B |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
www.skateprogression.com/FedEx%20Edit/files/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sprite-placeholder.png
www.skateprogression.com/FedEx%20Edit/files/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FED03324_FY19_Summer_FX_Ground_US_HP_ContainerDrawer_727x643_C_1039825184.jpg
www.skateprogression.com/FedEx%20Edit/files/ |
232 KB 233 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lodash.min.js
www.skateprogression.com/FedEx%20Edit/files/ |
67 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homepage.min.e3c9a0b7e8a87ae9989a660683765054.js
www.skateprogression.com/FedEx%20Edit/files/ |
562 KB 138 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-5a4d184d64746d57b6001018.js
www.skateprogression.com/FedEx%20Edit/files/ |
130 B 200 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bd-1-30
www.skateprogression.com/FedEx%20Edit/files/ |
55 KB 55 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
214 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mbox-contents-8d4600b0866454fd3a244faee455cca08c786d12.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/ |
76 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.aspx
ws.sessioncam.com/Record/ |
0 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
fls.doubleclick.net/ |
40 B 716 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modernizr.min.js
www.fedex.com/templates/components/libraries/1.1/modernizr/2.6.1/ |
16 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onepixel.gif
cimage.adobe.com/ Redirect Chain
|
49 B 353 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
menu-sprite.png
www.skateprogression.com/FedEx%20Edit/images/ |
11 KB 11 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Regular.ttf
www.skateprogression.com/FedEx%20Edit/common/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flags.png
www.skateprogression.com/FedEx%20Edit/images/ |
11 KB 11 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer-sprite.png
www.skateprogression.com/FedEx%20Edit/images/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Light.ttf
www.skateprogression.com/FedEx%20Edit/common/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Bold.ttf
www.skateprogression.com/FedEx%20Edit/common/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-5a4d184d64746d57b6001018.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/ |
130 B 376 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s-code-contents-b3d5275fdca06ca6e2c6721104ca42cc1f30a2f4.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/ |
220 KB 62 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi.html
www.skateprogression.com/FedEx%20Edit/files/ Frame 9014 |
831 B 470 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
_data
www.skateprogression.com/_bm/ |
11 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
VA_Icon.png
www.fedex.com/content/dam/fedex-com/images/us/va-nina/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
VA_Tagline.png
www.fedex.com/content/dam/fedex-com/images/us/va-nina/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.fedex.com/ |
48 B 487 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rolka.gif
www.skateprogression.com/html/skateprogression.com/img/ Frame 9014 |
338 KB 338 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
catcher.js
kajfghlhfkcocafkcjlajldicbikpgnp/ Frame 9014 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CJHTgcGNld0CFVTjGwodgHgPTA
www.skateprogression.com/FedEx%20Edit/files/ Frame 9014 |
42 B 350 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
saved_resource.html
www.skateprogression.com/FedEx%20Edit/files/ Frame 0B92 |
607 B 576 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
saved_resource(1).html
www.skateprogression.com/FedEx%20Edit/files/ Frame 21EB |
607 B 406 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rolka.gif
www.skateprogression.com/html/skateprogression.com/img/ Frame 21EB |
338 KB 338 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
catcher.js
kajfghlhfkcocafkcjlajldicbikpgnp/ Frame 21EB |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ra.pixel
www.skateprogression.com/FedEx%20Edit/files/ Frame 21EB |
43 B 125 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rolka.gif
www.skateprogression.com/html/skateprogression.com/img/ Frame 0B92 |
338 KB 338 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
catcher.js
kajfghlhfkcocafkcjlajldicbikpgnp/ Frame 0B92 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ra.pixel
www.skateprogression.com/FedEx%20Edit/files/ Frame 0B92 |
43 B 334 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s85344976793371
smetrics.fedex.com/b/ss/fedexglbldev,fedexglobaldev/10/JS-1.8.0-D7QN/ |
146 B 392 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
autoptimize_c31b1dddb9c73df3ec81f7c01c845712.js
www.skateprogression.com/wp-content/cache/autoptimize/js/ |
170 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
autoptimize_f267d32eefa437619db8c3122ef24485.css
www.skateprogression.com/wp-content/cache/autoptimize/css/ |
291 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
houston.html
agent.nuance-va.com/houston/ |
2 B 150 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
fedexlogin
www.fedex.com/etc/services/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-5959e13664746d6f1a0106eb.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/ |
1 KB 984 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-594bfa3264746d3fce00d53a.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/ |
1 KB 839 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
virtualagent-us.min.css
www.skateprogression.com/etc/clientlibs/fedex/components/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
virtualagent.min.js
www.skateprogression.com/etc/clientlibs/fedex/components/virtualagent-us/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
dest5.html
fedex.demdex.net/ Frame FCFC |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core.min.js
player.ooyala.com/static/v4/stable/4.18.15/ |
543 KB 143 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main_html5.min.js
player.ooyala.com/static/v4/stable/4.18.15/video-plugin/ |
51 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ooyala_storage.html
player.ooyala.com/ Frame 1182 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
html5-skin.min.js
www.fedex.com/etc/clientlibs/fedex/components/ooyala-player/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- kajfghlhfkcocafkcjlajldicbikpgnp
- URL
- chrome-extension://kajfghlhfkcocafkcjlajldicbikpgnp/catcher.js
- Domain
- kajfghlhfkcocafkcjlajldicbikpgnp
- URL
- chrome-extension://kajfghlhfkcocafkcjlajldicbikpgnp/catcher.js
- Domain
- kajfghlhfkcocafkcjlajldicbikpgnp
- URL
- chrome-extension://kajfghlhfkcocafkcjlajldicbikpgnp/catcher.js
- Domain
- kajfghlhfkcocafkcjlajldicbikpgnp
- URL
- chrome-extension://kajfghlhfkcocafkcjlajldicbikpgnp/catcher.js
- Domain
- www.fedex.com
- URL
- https://www.fedex.com/etc/services/fedexlogin
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fedex (Transportation)167 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| FDX object| fdx function| $ function| jQuery object| matched object| browser function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| _adobe object| s string| data string| route object| targetGlobalSettings object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| bazadebezolkohpepadr object| html5 function| html5shim object| sessionCamRecorder function| SessionCamRecorder number| scInitTime0 function| sessionCamJQuery function| fdx_initSCVars function| fdx_debug function| fdx_setCookie function| fdx_getCookie function| fdx_campaign function| fdx_gup function| fdx_fireSDotT function| fdx_fireSDotTL function| fdx_iSrch function| scIS function| fdx_scIS function| logLinkView function| fdx_logLinkView function| setLinkView function| fdx_setLinkView function| fdx_getLinkView function| fdx_linkFormat function| fdx_trackMapping function| fdx_logDownload function| fdx_createCustomEvent function| fdx_dispatchCustomEvent function| fdx_fireCustomEvent function| logPageView function| fdx_logPageView function| logPurchase function| fdx_logProdView function| fdx_convertToStr function| fdx_logChat function| fdx_logTrackPOD function| fdx_logFXO function| s_doPlugins function| fdx_initPlugins function| AppMeasurement_Module_Media function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| fdx_runSCode function| fdx_initSCode function| DIL number| s_objectID number| s_giq string| sc_code_ver string| sc_code_ver_date string| s_version string| s_account string| nltrk object| s_Integrate_DFA string| v string| sc_s_etrid string| sc_s_acxrid string| sc_fcl_uuid function| appTarget boolean| isOpera boolean| isFirefox boolean| isSafari boolean| isChrome boolean| isIE undefined| firefoxVersion undefined| ieVersion string| chromeVersion undefined| safariVersion undefined| firefoxPosition undefined| iePosition undefined| ieEnd number| chromePosition number| chromeEnd undefined| safariPosition undefined| safariEnd object| Nina object| ModernizrForNina object| NinaVars object| img string| s_tnt string| tntVal function| validate function| _ function| Swipe object| WTRK function| initTimer function| silentCountdown function| countdown function| initFDX_SA_Map object| skin function| schLoadTracking function| autoExpandAccordion function| DP_jQuery_1587904631607 object| jQuery1124023713408344867193 object| fdxTnt object| s_5_Integrate_DFA_get_0 function| fdx_spSrch function| fdx_logPurchase function| fdx_logPurchaseMAGS function| fdx_logPurchaseMAGR function| fdx_logPurchaseWREG function| processData string| fdx_locale object| _cf object| _ac object| bmak string| _sd_trace object| Modernizr function| yepnope object| dc number| f number| ne object| gmar number| dsts object| gnov number| dste object| spr object| fl object| cd number| utc object| tz number| thisy number| thish number| thismin number| thisd number| slo number| d object| eo number| y object| s_i_fedexglbldev_fedexglobaldev object| NinaPostQualif object| OO undefined| Hazmat function| jsSHA object| LZW object| base64 object| callbackQueue function| generateDeviceId object| Ooyala object| global undefined| callback12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .demdex.net/ | Name: demdex Value: 18836282364484180662809115143327368130 |
|
| .skateprogression.com/ | Name: Nina-nina-fedex-session Value: %7B%22locale%22%3A%22en_us%22%2C%22lcstat%22%3Afalse%7D |
|
| .skateprogression.com/ | Name: s_sess Value: %20setLink%3D%3B%20SC_LINKS%3D%3B |
|
| www.skateprogression.com/ | Name: sc.Status Value: 2 |
|
| .skateprogression.com/ | Name: s_cc Value: true |
|
| .skateprogression.com/ | Name: AMCVS_1E22171B520E93BF0A490D44%40AdobeOrg Value: 1 |
|
| .skateprogression.com/ | Name: s_pers Value: %20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1587906431642%3B%20gpv_pageName%3Dhome%7C1587906431820%3B%20s_vnum%3D1587938400823%2526vn%253D1%7C1587938400823%3B%20s_invisit%3Dtrue%7C1587906431823%3B |
|
| www.skateprogression.com/ | Name: sc.ASP.NET_SESSIONID Value: undefined |
|
| www.skateprogression.com/ | Name: ooyala_guid Value: HgfjkgEVSbFff6IIzoAuAJfjEZgm5fjK8g8YzghKCtw |
|
| .skateprogression.com/ | Name: AMCV_1E22171B520E93BF0A490D44%40AdobeOrg Value: -894706358%7CMCIDTS%7C18379%7CMCMID%7C19065434984853023952786990971246186155%7CMCAAMLH-1588509431%7C6%7CMCAAMB-1588509431%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1587911831s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.3.0 |
|
| .skateprogression.com/ | Name: check Value: true |
|
| .skateprogression.com/ | Name: __cfduid Value: d9534a839a1d4f672e9fe6a9e0f3c48571587904631 |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
agent.nuance-va.com
assets.adobedtm.com
cimage.adobe.com
dpm.demdex.net
fedex.demdex.net
fedex.tt.omtrdc.net
fls.doubleclick.net
kajfghlhfkcocafkcjlajldicbikpgnp
player.ooyala.com
smetrics.fedex.com
ws.sessioncam.com
www.fedex.com
www.skateprogression.com
kajfghlhfkcocafkcjlajldicbikpgnp
www.fedex.com
151.101.14.27
172.217.18.166
18.202.93.59
192.135.86.138
2606:4700:3035::681b:b377
2a02:26f0:10c:382::1e80
2a02:26f0:10c:38c::11e2
2a02:26f0:6c00:19d::2070
3.218.101.146
34.243.44.116
35.181.91.36
66.117.29.3
203053dbd643401b5cd8033e9cc1cde99bffc8a3036518517ab33a3d8091a1a4
260eb38b160b97c73bcd23109f5261dd49cd09fcc36283e95c719b86b322b41a
2dd42af252b85be303db754dd37c9f145dd655d8e8714cf2fd1ec068f625ab38
3274df12acf97117a4fd50cee9212feae30082d61c5bbc0448c30be030c1790d
38ad4fa0d3a1b46734ceed24fe13ece69d170c9d6806fd8baac59deb83541f38
3a45130d0b8f72cb4bded19108e073babbe8c38e1bfe47e63624e07d2627ac9c
469ba37f8b7b6e59c6986f92756708fd0a39db7f05b6f231da2f6d281d7266e2
46d8b2c1b4b3cc2f4ea024f8ae074e3253e4e08425cee2f4747c51fca22faae7
4c219b564ba5daf4e2fc3edb8956d00bf8803728e42a9904c2576925d3f8fc4a
5095db88ad1749ffcf51aa2c57a9e3a337060fa1c06a99218a3169bd5f80b18e
56b7e8ca4092fc7f4ce541932df6a5d30143414550046ab65387c5f4c134ad21
57093d2c3a67ebfd35e3fafc765d90c024db25b1db74b63f152b80dbbfe72318
5ed4b31f24f8cdc04d49d5c766875606948413f4348a76cd1e14b98039987d58
6e0ed33aab34a573975c9695ab5d52c62f1030db9859c166dfc14089dc2aa03b
6e37c6b285e0b3135a282aece3971e078fd476e609df4a7e68d78dc773c99841
6f46e13ab4b86da0407a98685e6cdf678aa732e29335fe0f441c2b816ddf0e46
70112db810e9e57739f102c7ed334cc51828a130a90ff1aff8ab7ce017953737
72cdde54cb5873078eccfab3f4d0e94a6d375e2a767fe66882601663686eed43
7c2ae46cdb2f40f9bd67ea21a75aa5a83689864fd41985ecf516b70ff1b4ef3d
7c2d923dadf472a1c8811de791a495f95c53cbf97f24c45933acaa6a87d7360d
86de8319a3a9996e95c3e087e0e3af38d80e148b6c5c1982362e6c45e339ba3e
86ed319c6b2f67568428d0269f2439ce33001405582c3a3bc268b68cc127e2e1
8a68ca98e0ea2429c43b01c7876224cecc6b7d5b69a75773d95c228bf93d9950
8c52da6d1afc72da93e7f36183c88e9a4ced3054ed9983a06c52911691801002
8ca2aef826aaec09205dc6cc4a3244134ab493ba95a9249d5eb423ebf3293c34
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b94893c959d7561c221f89e3bed15a64459779028b515dcd554d0a9549e2373
9f0173ed05fe8618c76272aaae6711ae0fa7ece07de8522cb6b0159d22b691f5
a15cde44dcb54e4626553d2d97d338bb599cd00ee0853931f070b69e3fff7c33
a26d90127ab0cac3109c6756915896dfc5f83641aa6fbae81650a21462ad61ba
a37a87da38ccf9c7b7a3f1d6530664eca9381fe709d0b4b625c1ab889924c928
a522687d8b152efdd12ccec781f54d91fa60de20408684f1ef41c1e672619c56
a6394e7afd335ba72d8ba623e6f46f8e63fbc9b7099c8cde97eed1d09278d296
a7568e5f136f73ab7d2f2db11140b4ed9b20e67c4757b3921fc315524c059350
aade8f54d80db68551a42b6141df6bf534ac3c8167e625f977a130a9bf353fea
ad5954d6cf2a097ef3ad929c192cfd0eb038029786c173e780e55f1600e9fd58
af543d166cff2476bfbcae9efdf7319133fcfe2d3cb5e504f744dc1174f40743
b095ef5df86bbd13cecf9b949136d3b5314097010a2ef01204dcc8cf0d0ffe18
be1fcf476fd6c5c8a4631c9e9d881505fadec1a571c857a097e6e0dddae99511
d67126d648d36c87038666a01ba245a703041d106ad00c1f3ce215a3cf24a94e
d856df6160484a9c19c5b618ec4fa4b8fa1036fa63e46e953d67c1ce7d529f84
de74143e9a4014a5aa6f6f3987683c8d1d63cdaf0251e07c1a1a36e5ef15ef25
e23c9f3328a372f4978d2d1da9a191ad902a01f78bbe3ea5a1ad8abaeaef6ce0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f66101e4ef89eff8d7f6676256fcc23659d124139496c3733e679a24dd4f92
e9de7e26c9af722791eef41ac51932e6cf446cc5f29cceccbb117c7a27e5411e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0055891f09fff4839b344a4af5e0482696cab0e0bf307455661ba4056c787ee