studiomdv.com
107.180.60.7
Malicious Activity!
Public Scan
Submission: On January 29 via api from US — Scanned from US
Summary
This is the only time studiomdv.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fedex (Transportation) Generic Email (Online)
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN400754 (GO-DADDY-COM-LLC, US) | 7.60.180.107.host.secureserver.net | studiomdv.com |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | fedex.digital.nuance.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US) | | media-us2.digital.nuance.com |
ASN15169 (GOOGLE, US) | | www.gstatic.com fonts.gstatic.com |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN14618 (AMAZON-AES, US) | ec2-34-199-228-201.compute-1.amazonaws.com | fedex.demdex.net |
ASN15169 (GOOGLE, US) | | pagead2.googlesyndication.com |
ASN16509 (AMAZON-02, US) | server-18-238-80-27.jfk52.r.cloudfront.net | cdn.appdynamics.com |
ASN16509 (AMAZON-02, US) | ec2-52-24-124-52.us-west-2.compute.amazonaws.com | col.eum-appdynamics.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
14 | fedex.com | www.fedex.com — Cisco Umbrella Rank: 8499 | 658 KB |
12 | nuance.com | fedex.digital.nuance.com — Cisco Umbrella Rank: 11501; media-us2.digital.nuance.com — Cisco Umbrella Rank: 9117 | 446 KB |
9 | studiomdv.com | studiomdv.com | 335 KB |
7 | gstatic.com | www.gstatic.com; fonts.gstatic.com | 643 KB |
7 | google.com | www.google.com — Cisco Umbrella Rank: 2 | 38 KB |
3 | qualtrics.com | siteintercept.qualtrics.com — Cisco Umbrella Rank: 911 | 30 KB |
3 | doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 38; td.doubleclick.net — Cisco Umbrella Rank: 488 | 5 KB |
2 | googlesyndication.com | pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 | 396 B |
2 | unpkg.com (1 redirects) | unpkg.com — Cisco Umbrella Rank: 867 | 12 KB |
2 | bootstrapcdn.com | maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 1019; stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2998 | 29 KB |
1 | eum-appdynamics.com | col.eum-appdynamics.com — Cisco Umbrella Rank: 3544 | 1 KB |
1 | appdynamics.com | cdn.appdynamics.com — Cisco Umbrella Rank: 4434 | 20 KB |
1 | demdex.net | fedex.demdex.net — Cisco Umbrella Rank: 12152 | 3 KB |
1 | googleapis.com | ajax.googleapis.com — Cisco Umbrella Rank: 369 | 30 KB |
1 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 225 | 7 KB |
1 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 760 | 24 KB |
1 | googletagmanager.com | www.googletagmanager.com — Cisco Umbrella Rank: 37 | 83 KB |
1 | evgnet.com | cdn.evgnet.com — Cisco Umbrella Rank: 3643 | 46 KB |
1 | adobedtm.com | assets.adobedtm.com — Cisco Umbrella Rank: 460 | 88 KB |
72 | 19 | | |
Requests | Domain | Requested by |
---|---|---|
14 | www.fedex.com | studiomdv.com www.fedex.com |
9 | studiomdv.com | studiomdv.com |
7 | www.google.com | studiomdv.com www.fedex.com www.gstatic.com www.google.com |
6 | www.gstatic.com | www.google.com www.gstatic.com |
6 | media-us2.digital.nuance.com | studiomdv.com fedex.digital.nuance.com |
6 | fedex.digital.nuance.com | studiomdv.com fedex.digital.nuance.com www.fedex.com |
3 | siteintercept.qualtrics.com | studiomdv.com |
2 | pagead2.googlesyndication.com | td.doubleclick.net |
2 | unpkg.com (1 redirects) | studiomdv.com |
2 | googleads.g.doubleclick.net | studiomdv.com www.fedex.com |
1 | col.eum-appdynamics.com | cdn.appdynamics.com |
1 | cdn.appdynamics.com | www.fedex.com |
1 | fonts.gstatic.com | www.google.com |
1 | td.doubleclick.net | studiomdv.com |
1 | fedex.demdex.net | studiomdv.com |
1 | stackpath.bootstrapcdn.com | studiomdv.com |
1 | ajax.googleapis.com | studiomdv.com |
1 | maxcdn.bootstrapcdn.com | studiomdv.com |
1 | cdnjs.cloudflare.com | studiomdv.com |
1 | code.jquery.com | studiomdv.com |
1 | www.googletagmanager.com | studiomdv.com |
1 | cdn.evgnet.com | studiomdv.com |
1 | assets.adobedtm.com | studiomdv.com |
72 | 23 | |
This site contains links to these domains. Also see Links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
*.digital.nuance.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-14 - 2024-10-11 | a year |
www.fedex.com | Sectigo RSA Organization Validation Secure Server CA | 2023-05-18 - 2024-05-17 | a year |
www.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.g.doubleclick.net | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.qualtrics.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-03-27 - 2024-03-26 | a year |
*.gstatic.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.google-analytics.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2023-07-11 - 2024-07-14 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2023-07-03 - 2024-07-02 | a year |
bootstrapcdn.com | GTS CA 1P5 | 2024-01-28 - 2024-04-27 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year |
*.doubleclick.net | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
*.google.com | GTS CA 1C3 | 2024-01-02 - 2024-03-26 | 3 months |
This page contains 7 frames:
Primary Page:
http://studiomdv.com/ertfgyhj/pluto.html
Frame ID: FA88D9EC550C718164E544E0F28CAFCE
Requests: 50 HTTP requests in this frame
Frame:
https://www.fedex.com/secure-login/assets/adrum/adrum-xd.7f7b11e2ec93e71bae6b513f9fdfe436.html
Frame ID: DC383BA8F78369D178EF96D9251D5B18
Requests: 1 HTTP requests in this frame
Frame:
https://fedex.demdex.net/dest5.html?d_nsid=2
Frame ID: 33A367EAB007A65953997B28DCC5F492
Requests: 1 HTTP requests in this frame
Frame:
https://www.fedex.com/nuance/nuance.html?IFRAME&nuance-frame-ac=0
Frame ID: 31A36AEFBCA503649B4CCA8BBCB74FAD
Requests: 7 HTTP requests in this frame
Frame:
https://td.doubleclick.net/td/rul/863238793?random=1704632879424&cv=11&fst=1704632879424&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4130v878431205&gcd=11l1l1l1l1&dma=0&u_w=1366&u_h=768&url=https%3A%2F%2Fwww.fedex.com%2Fsecure-login%2Fen-us%2F&ref=https%3A%2F%2Fwww.google.com%2F&hn=www.googleadservices.com&frm=0&tiba=Login&auid=605741986.1701865633&fledge=1&data=event%3Dgtag.config
Frame ID: 3D9C34482C0D96C47ADD480E63EF8F52
Requests: 3 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeicVEpAAAAANBbS59QkaME29PJu-AYRJx15vn8&co=aHR0cDovL3N0dWRpb21kdi5jb206ODA.&hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&size=normal&cb=dz191s3ihmht
Frame ID: E1A402A6180B7EB19EBBD22E9BD2C351
Requests: 9 HTTP requests in this frame
Frame:
https://www.google.com/recaptcha/api2/bframe?hl=en&v=QUpyTKFkX5CIV6EF8TFSWEif&k=6LeicVEpAAAAANBbS59QkaME29PJu-AYRJx15vn8
Frame ID: BEB4E00C3680FF25396E5D1A082CA98A
Requests: 3 HTTP requests in this frame
Page Title
Login
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppDynamics (Analytics)
Detected patterns
- adrum
Google AdSense (Advertising Networks)
Detected patterns
- googlesyndication\.com/
Google Tag Manager (Tag Managers)
Detected patterns
- googletagmanager\.com/gtag/js
Popper (Miscellaneous)
Detected patterns
- /popper\.js/([0-9.]+)
SweetAlert (JavaScript Libraries)
Detected patterns
- sweet(?:-)?alert(?:\.min)?\.js
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
reCAPTCHA (Captchas)
Detected patterns
- /recaptcha/api\.js
Page Statistics
50 Outgoing links
These are links going to different origins than the main page.
Title: Fedex Home
Title: Create a Shipment
Title: Create a Shipment
Title: Shipping Rates & Delivery Times
Title: Schedule & Manage Pickups
Title: Packing & Shipping Supplies
Title: International Shipping Guide
Title: Freight
Title: Manage a Return
Title: ALL SHIPPING SERVICES
Title: Advanced Shipment Tracking
Title: Manage Your Delivery
Title: ALL TRACKING SERVICES
Title: Explore Print, Products & Design
Title: Browse Services
Title: VISIT NEW MARKETPLACE
Title: Drop Off a Package
Title: Find a Location
Title: Small Business Center
Title: FedEx Service Guide
Title: Account Management Tools
Title: Frequently Asked Questions
Title: File a Claim
Title: Billing & Invoicing
Title: Customer Support
Title: CREATE A USER ID
Title: FORGOT YOUR USER ID OR PASSWORD?
Title: About FedEx
Title: Our Portfolio
Title: Investor Relations
Title: Careers
Title: FedEx Blog
Title: Corporate Responsibility
Title: Newsroom
Title: Contact Us
Title: FedEx Compatible
Title: FedEx Developer Portal
Title: FedEx Logistics
Title: ShopRunner
Title: United States
Title: email
Title: facebook
Title: twitter
Title: instagram
Title: linkedin
Title: youtube
Title: pinterest
Title: Site Map
Title: Terms of Use
Title: Privacy & Security
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 39
- https://unpkg.com/sweetalert/dist/sweetalert.min.js HTTP 302
- https://unpkg.com/sweetalert@2.1.2/dist/sweetalert.min.js
72 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H/1.1 | pluto.html (Primary Request) | studiomdv.com/ertfgyhj/ | 2 MB | 335 KB | Document | text/html |
GET | H2 | inqChatLaunch10006050.js | fedex.digital.nuance.com/chatskins/launch/ | 5 KB | 2 KB | Script | application/javascript |
GET | H/1.1 | launch-b5423a732003.min.js | assets.adobedtm.com/686b8f0c4520/a46df9c77975/ | 535 KB | 88 KB | Script | application/x-javascript |
GET | H2 | config-wlgn.js | www.fedex.com/gdl/ | 210 KB | 60 KB | Script | application/javascript |
GET | H2 | adrum-ext.7f7b11e2ec93e71bae6b513f9fdfe436.js | www.fedex.com/secure-login/assets/adrum/ | 51 KB | 17 KB | Script | application/x-javascript |
GET | H2 | api.js | www.google.com/recaptcha/ | 1 KB | 1 KB | Script | text/javascript |
GET | H2 | 5d2c3eec | www.fedex.com/akam/13/ | 0 | 0 | Script | text/html |
GET | H2 | gdl-fedex.js | www.fedex.com/gdl/ | 858 KB | 234 KB | Script | application/javascript |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/863238793/ | 2 KB | 2 KB | Script | text/javascript |
GET | H2 | 12.d4c11cd65f6f6fc513bb.chunk.js | siteintercept.qualtrics.com/dxjsmodule/ | 72 KB | 21 KB | Script | application/javascript |
GET | H2 | 7.c677f83c9eec0bfd12b3.chunk.js | siteintercept.qualtrics.com/dxjsmodule/ | 2 KB | 1 KB | Script | application/javascript |
GET | H2 | 1.222db855180bcd258b60.chunk.js | siteintercept.qualtrics.com/dxjsmodule/ | 28 KB | 7 KB | Script | application/javascript |
GET | H2 | nuance-c2c-button.css | fedex.digital.nuance.com/chatskins/sites/10006050/flash/civ2_fedex_theme/ | 15 KB | 16 KB | Stylesheet | text/css |
GET | H2 | InqFrameworkService.js | media-us2.digital.nuance.com/media/launch/ci/ | 0 | 92 KB | Other | application/javascript |
GET | H2 | pre-acif.js | fedex.digital.nuance.com/tagserver/acif/ | 0 | 602 B | Other | application/javascript |
GET | H2 | acif.js | media-us2.digital.nuance.com/media/launch/acif/ | 0 | 112 KB | Other | application/javascript |
GET | H2 | acif-configs.js | media-us2.digital.nuance.com/media/sites/10006050/assets/automatons/ | 0 | 0 | Other | text/plain |
GET | H2 | logo.png | www.fedex.com/content/dam/fedex-com/logos/ | 18 KB | 18 KB | Image | image/png |
GET | H/1.1 | FedExSans_W-Regular.woff | studiomdv.com/ertfgyhj/assets/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | FedExSans_W-Bold.woff | studiomdv.com/ertfgyhj/assets/fonts/ | 0 | 0 | Font | text/html |
GET | H/1.1 | FedExSans_W-Light.woff | studiomdv.com/ertfgyhj/assets/fonts/ | 0 | 0 | Font | text/html |
GET | H2 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ | 481 KB | 193 KB | Script | text/javascript |
GET | H2 | / | www.google.com/pagead/1p-user-list/863238793/ | 42 B | 327 B | Image | image/gif |
GET | H/1.1 | runtime.a3e9df6f9dd3fee1.js | studiomdv.com/ertfgyhj/ | 0 | 0 | Script | text/html |
GET | H/1.1 | polyfills.83e6fbf76e374583.js | studiomdv.com/ertfgyhj/ | 0 | 0 | Script | text/html |
GET | H/1.1 | scripts.a3ede4b2dd0b83f7.js | studiomdv.com/ertfgyhj/ | 0 | 0 | Script | text/html |
GET | H/1.1 | main.fa0851912bedb4b8.js | studiomdv.com/ertfgyhj/ | 0 | 0 | Script | text/html |
GET | H/1.1 | A1AmdTU | studiomdv.com/hxSHzMCBXwLSp/v/GZOLkTDCX4vHE/ipiXNDhtk6/MC1qe2sqAQ/YCZc/ | 0 | 0 | Script | text/html |
GET | H2 | adrum.js | www.fedex.com/secure-login/assets/adrum/ | 98 KB | 30 KB | Script | application/x-javascript |
GET | H2 | script.js | www.fedex.com/simplifiedhf/js/ | 669 KB | 118 KB | Script | application/javascript |
GET | H2 | common-core_SHF.css | www.fedex.com/simplifiedhf/css/ | 1 MB | 101 KB | Stylesheet | text/css |
GET | H/1.1 | evergage.min.js | cdn.evgnet.com/beacon/fedexcorp/fedex_prod/scripts/ | 169 KB | 46 KB | Script | application/javascript |
GET | H2 | js | www.googletagmanager.com/gtag/ | 250 KB | 83 KB | Script | application/javascript |
GET | H2 | chatLoader.min.js | media-us2.digital.nuance.com/media/launch/ | 22 KB | 7 KB | Script | application/javascript |
GET | H2 | site_10006050_default_helper.js | media-us2.digital.nuance.com/media/launch/ | 28 KB | 7 KB | Script | application/javascript |
GET | H2 | jquery-3.2.1.slim.min.js | code.jquery.com/ | 68 KB | 24 KB | Script | application/javascript |
GET | H2 | popper.min.js | cdnjs.cloudflare.com/ajax/libs/popper.js/1.12.9/umd/ | 19 KB | 7 KB | Script | application/javascript |
GET | H2 | bootstrap.min.js | maxcdn.bootstrapcdn.com/bootstrap/4.0.0/js/ | 48 KB | 14 KB | Script | application/javascript |
GET | H2 | jquery.min.js | ajax.googleapis.com/ajax/libs/jquery/2.2.4/ | 84 KB | 30 KB | Script | text/javascript |
GET | H2 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ | 50 KB | 15 KB | Script | application/javascript |
GET | H2 | sweetalert.min.js | unpkg.com/sweetalert@2.1.2/dist/ (Redirect Chain) | 40 KB | 12 KB | Script | application/javascript |
GET | | FedExSans_W-Regular.woff | www.fedex.com/simplifiedhf/css/assets/fonts/ | 0 | 0 | | |
GET | | FedExSans_W-Light.woff | www.fedex.com/simplifiedhf/css/assets/fonts/ | 0 | 0 | | |
GET | | FedExSans_W-Bold.woff | www.fedex.com/simplifiedhf/css/assets/fonts/ | 0 | 0 | | |
GET | H2 | adrum-xd.7f7b11e2ec93e71bae6b513f9fdfe436.html | www.fedex.com/secure-login/assets/adrum/ (Frame DC38) | 0 | 0 | Document | text/html |
GET | H2 | dest5.html | fedex.demdex.net/ (Frame 33A3) | 7 KB | 3 KB | Document | text/html |
GET | H2 | nuance.html | www.fedex.com/nuance/ (Frame 31A3) | 450 B | 2 KB | Document | text/html |
GET | H2 | 863238793 | td.doubleclick.net/td/rul/ (Frame 3D9C) | 6 KB | 2 KB | Document | text/html |
GET | H2 | lotus_c2c.svg | fedex.digital.nuance.com/chatskins/sites/10006050/flash/civ2_fedex_theme/ | 2 KB | 2 KB | Image | image/svg+xml |
GET | H2 | FedExSans_Rg.ttf | fedex.digital.nuance.com/chatskins/sites/10006050/flash/civ2_fedex_theme/ | 199 KB | 200 KB | Font | font/ttf |
GET | H2 | / | googleads.g.doubleclick.net/pagead/viewthroughconversion/863238793/ | 2 KB | 2 KB | Script | text/javascript |
GET | H3 | anchor | www.google.com/recaptcha/api2/ (Frame E1A4) | 45 KB | 28 KB | Document | text/html |
GET | H2 | inqChatLaunch10006050.js | fedex.digital.nuance.com/chatskins/launch/ (Frame 31A3) | 5 KB | 2 KB | Script | application/javascript |
GET | H2 | FBtB1Q | www.fedex.com/mC_o8fn_Ka9DOz_wsCwUoDAe/YcakDVwS6fmY/STdCAQ/ZXMeM/ (Frame 31A3) | 203 KB | 76 KB | Script | application/javascript |
POST | H2 | / | pagead2.googlesyndication.com/pagead/gen_204/ (Frame 3D9C) | 0 | 349 B | Ping | image/gif |
POST | H2 | / | pagead2.googlesyndication.com/pagead/gen_204/ (Frame 3D9C) | 0 | 47 B | Ping | image/gif |
GET | H3 | styles__ltr.css | www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ (Frame E1A4) | 55 KB | 24 KB | Stylesheet | text/css |
GET | H3 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ (Frame E1A4) | 481 KB | 192 KB | Script | text/javascript |
GET | H3 | / | www.google.com/pagead/1p-user-list/863238793/ | 42 B | 64 B | Image | image/gif |
GET | H2 | chatLoader.min.js | media-us2.digital.nuance.com/media/launch/ (Frame 31A3) | 22 KB | 7 KB | Script | application/javascript |
POST | H2 | FBtB1Q | www.fedex.com/mC_o8fn_Ka9DOz_wsCwUoDAe/YcakDVwS6fmY/STdCAQ/ZXMeM/ (Frame 31A3) | 18 B | 991 B | XHR | application/json |
GET | DATA | truncated | / (Frame E1A4) | 14 KB | 0 | Image | image/png |
GET | DATA | truncated | / (Frame E1A4) | 2 KB | 0 | Image | image/png |
GET | H3 | logo_48.png | www.gstatic.com/recaptcha/api2/ (Frame E1A4) | 2 KB | 2 KB | Image | image/png |
GET | H2 | KFOmCnqEu92Fr1Mu4mxK.woff2 | fonts.gstatic.com/s/roboto/v18/ (Frame E1A4) | 15 KB | 15 KB | Font | font/woff2 |
GET | H3 | qMev7i6X24vl5sjxzUkBtmX7wXFxxkn-xHhhygtdWMk.js | www.google.com/js/bg/ (Frame E1A4) | 17 KB | 7 KB | Script | text/javascript |
GET | H3 | webworker.js | www.google.com/recaptcha/api2/ (Frame E1A4) | 102 B | 135 B | Other | text/javascript |
GET | H/1.1 | adrum-ext.7f7b11e2ec93e71bae6b513f9fdfe436.js | cdn.appdynamics.com/ | 51 KB | 20 KB | Script | application/javascript |
GET | H3 | bframe | www.google.com/recaptcha/api2/ (Frame BEB4) | 7 KB | 1 KB | Document | text/html |
GET | H3 | styles__ltr.css | www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ (Frame BEB4) | 55 KB | 24 KB | Stylesheet | text/css |
GET | H3 | recaptcha__en.js | www.gstatic.com/recaptcha/releases/QUpyTKFkX5CIV6EF8TFSWEif/ (Frame BEB4) | 481 KB | 192 KB | Script | text/javascript |
POST | H2 | FBtB1Q | www.fedex.com/mC_o8fn_Ka9DOz_wsCwUoDAe/YcakDVwS6fmY/STdCAQ/ZXMeM/ (Frame 31A3) | 18 B | 998 B | XHR | application/json |
POST | H2 | FBtB1Q | www.fedex.com/mC_o8fn_Ka9DOz_wsCwUoDAe/YcakDVwS6fmY/STdCAQ/ZXMeM/ (Frame 31A3) | 18 B | 996 B | XHR | application/json |
POST | H/1.1 | adrum | col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/ | 0 | 1 KB | XHR | text/html |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.fedex.com, URL: https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Regular.woff
- Domain: www.fedex.com, URL: https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Light.woff
- Domain: www.fedex.com, URL: https://www.fedex.com/simplifiedhf/css/assets/fonts/FedExSans_W-Bold.woff
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fedex (Transportation) Generic Email (Online)
82 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 string| bazadebezolkohpepadr object| _satellite boolean| __satelliteLoaded object| _fdx object| f object| gdl function| evaluateLegacySettings function| wrapWithTryCatch function| secureProtocol function| getParentV3LanderConfig function| loadChat object| v3Lander object| v3LanderConfig undefined| _ object| WAFQualtricsWebpackJsonP-cloud-1.104.0 undefined| logInCallback string| configDCID string| configAWID string| objConfig object| sc function| gtag object| dataLayer object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| __core-js_shared__ object| core number| s_objectID number| s_giq object| FDX object| recaptcha object| ADRUM number| adrum-start-time function| setImmediate function| clearImmediate function| SHFAuthenticated function| SHFBeforeLogout function| SHF_doLogin function| SHF_doLogout function| SHF_isLoggedIn function| SHF_removeRedirectCookie function| SHF_onLocaleChange string| SHF_host string| SHF_locale function| SHF_fetchHeaderFooter function| SHF_HeaderFooter object| Evergage string| VE_CUSTOM_EVENT_NAME string| TO_LAUNCHER_MESSAGE_TYPE string| TO_LAUNCHER_PAYLOAD_TYPE object| eventLinkId object| evgr function| sendMessageToEvergageLauncher number| evergageBeaconParseTimeStart object| SalesforceInteractions number| evergageBeaconParseTimeEnd function| render number| evergagePageMatchTimeout number| evergageReshowPersonalizedSectionsTimeout object| __webpack_exports__ function| $ function| jQuery object| google_tag_manager object| google_tag_data object| JSSDK_HELPER function| Popper object| bootstrap object| GooglebQhCsO function| swal function| sweetAlert string| currentPath boolean| isCaasMobEnabled string| ur object| closure_lm_3279587
Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.studiomdv.com/ | | Name: gdl-clientId Value: bd9a60c3-524d-43ac-b8da-4989a0598d65 |
.studiomdv.com/ | | Name: s_invisit Value: true |
.studiomdv.com/ | | Name: g_sref Value: (direct) |
.studiomdv.com/ | | Name: g_stime Value: 1706492561027 |
.studiomdv.com/ | | Name: s_vnum Value: 1706522399999&vn=1 |
.studiomdv.com/ | | Name: _gcl_au Value: 1.1.80927781.1706492562 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUn207BuSvDBtQhaqXtHfv6BeQtYPUI36EvwsYxhASCM5elHasrIGUrzHP_N |
21 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|---|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.