www.skateprogression.com
Open in
urlscan Pro
2606:4700:3033::681b:b277
Malicious Activity!
Public Scan
Submitted URL: https://www.skateprogression.com/FedEx%20Edit
Effective URL: https://www.skateprogression.com/FedEx%20Edit/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13Inb...
Submission: On April 26 via automatic, source openphish
Effective URL: https://www.skateprogression.com/FedEx%20Edit/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13Inb...
Submission: On April 26 via automatic, source openphish
Summary
This website contacted 13 IPs
in 5 countries
across 12 domains to perform 72 HTTP transactions.
The main IP is 2606:4700:3033::681b:b277, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is www.skateprogression.com.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 14th 2020. Valid for: 8 months.
This is the only time www.skateprogression.com was scanned on urlscan.io!
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on February 14th 2020. Valid for: 8 months.
This is the only time www.skateprogression.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fedex (Transportation)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 2 49 | 2606:4700:303... 2606:4700:3033::681b:b277 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 2 | 52.209.191.154 52.209.191.154 | 16509 (AMAZON-02) (AMAZON-02) | |
| 5 | 2a02:26f0:6c0... 2a02:26f0:6c00:28a::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 54.152.53.96 54.152.53.96 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 216.58.207.38 216.58.207.38 | 15169 (GOOGLE) (GOOGLE) | |
| 4 | 2a02:26f0:6c0... 2a02:26f0:6c00:19d::2070 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 1 | 66.117.29.11 66.117.29.11 | 15224 (OMNITURE) (OMNITURE) | |
| 1 | 2a02:26f0:6c0... 2a02:26f0:6c00:298::11e2 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
| 1 | 15.188.105.205 15.188.105.205 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 13.224.186.14 13.224.186.14 | 16509 (AMAZON-02) (AMAZON-02) | |
| 1 | 192.135.86.138 192.135.86.138 | 17144 (NUANCE-NOD) (NUANCE-NOD) | |
| 1 | 54.77.236.71 54.77.236.71 | 16509 (AMAZON-02) (AMAZON-02) | |
| 3 | 151.101.14.27 151.101.14.27 | 54113 (FASTLY) (FASTLY) | |
| 72 | 13 |
2
52.209.191.154
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-191-154.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-209-191-154.eu-west-1.compute.amazonaws.com
| dpm.demdex.net |
1
54.152.53.96
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-53-96.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-152-53-96.compute-1.amazonaws.com
| ws.sessioncam.com |
1
216.58.207.38
(Mountain View, United States)
ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f6.1e100.net
ASN15169 (GOOGLE, US)
PTR: fra16s24-in-f6.1e100.net
| fls.doubleclick.net |
1
15.188.105.205
(Paris, France)
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-105-205.eu-west-3.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-105-205.eu-west-3.compute.amazonaws.com
| smetrics.fedex.com |
1
13.224.186.14
(Seattle, United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-14.fra2.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-224-186-14.fra2.r.cloudfront.net
| d2oh4tlt9mrke9.cloudfront.net |
1
54.77.236.71
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-236-71.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-236-71.eu-west-1.compute.amazonaws.com
| fedex.demdex.net |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 49 |
skateprogression.com
2 redirects
www.skateprogression.com |
2 MB |
| 5 |
fedex.com
www.fedex.com smetrics.fedex.com |
123 KB |
| 5 |
adobedtm.com
assets.adobedtm.com |
92 KB |
| 3 |
ooyala.com
player.ooyala.com |
160 KB |
| 3 |
demdex.net
1 redirects
dpm.demdex.net fedex.demdex.net |
2 KB |
| 1 |
nuance-va.com
agent.nuance-va.com |
62 B |
| 1 |
cloudfront.net
d2oh4tlt9mrke9.cloudfront.net |
57 KB |
| 1 |
adobe.com
cimage.adobe.com |
353 B |
| 1 |
omtrdc.net
1 redirects
fedex.tt.omtrdc.net |
335 B |
| 1 |
doubleclick.net
fls.doubleclick.net |
231 B |
| 1 |
sessioncam.com
ws.sessioncam.com |
|
| 0 |
Failed
function sub() { [native code] }. Failed |
|
| 72 | 12 |
| Domain | Requested by | |
|---|---|---|
| 49 | www.skateprogression.com |
2 redirects
www.skateprogression.com
|
| 5 | assets.adobedtm.com |
www.skateprogression.com
|
| 4 | www.fedex.com |
www.skateprogression.com
|
| 3 | player.ooyala.com |
www.skateprogression.com
player.ooyala.com |
| 2 | dpm.demdex.net |
1 redirects
www.skateprogression.com
|
| 1 | fedex.demdex.net |
www.skateprogression.com
|
| 1 | agent.nuance-va.com |
www.skateprogression.com
|
| 1 | d2oh4tlt9mrke9.cloudfront.net |
www.skateprogression.com
|
| 1 | smetrics.fedex.com |
www.skateprogression.com
|
| 1 | cimage.adobe.com |
www.skateprogression.com
|
| 1 | fedex.tt.omtrdc.net | 1 redirects |
| 1 | fls.doubleclick.net |
www.skateprogression.com
|
| 1 | ws.sessioncam.com |
www.skateprogression.com
|
| 0 | kajfghlhfkcocafkcjlajldicbikpgnp Failed |
www.skateprogression.com
|
| 72 | 14 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.fedex.com |
| getrewards.fedex.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-02-14 - 2020-10-09 |
8 months | crt.sh |
| *.demdex.net DigiCert SHA2 High Assurance Server CA |
2018-01-09 - 2021-02-12 |
3 years | crt.sh |
| assets.adobedtm.com DigiCert SHA2 High Assurance Server CA |
2019-10-22 - 2021-10-01 |
2 years | crt.sh |
| ws.sessioncam.com Amazon |
2020-04-16 - 2021-05-16 |
a year | crt.sh |
| *.doubleclick.net GTS CA 1O1 |
2020-04-07 - 2020-06-30 |
3 months | crt.sh |
| www.fedex.com GeoTrust RSA CA 2018 |
2019-10-10 - 2020-12-08 |
a year | crt.sh |
| *.adobe.com DigiCert SHA2 Secure Server CA |
2020-01-24 - 2021-02-22 |
a year | crt.sh |
| smetrics.fedex.com DigiCert Global CA G2 |
2019-08-01 - 2021-10-14 |
2 years | crt.sh |
| *.cloudfront.net DigiCert Global CA G2 |
2019-07-17 - 2020-07-05 |
a year | crt.sh |
| *.nuance-va.com DigiCert Global CA G2 |
2018-01-03 - 2021-01-03 |
3 years | crt.sh |
| brightcove.com GlobalSign CloudSSL CA - SHA256 - G3 |
2020-04-19 - 2021-04-20 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.skateprogression.com/FedEx%20Edit/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4
Frame ID: 38DFC448AA1A00AF07050FBE43E902E6
Requests: 58 HTTP requests in this frame
Frame:
https://www.skateprogression.com/FedEx%20Edit/files/activityi.html
Frame ID: 878CBA82174819B05FA081D733E95842
Requests: 4 HTTP requests in this frame
Frame:
https://www.skateprogression.com/FedEx%20Edit/files/saved_resource.html
Frame ID: 9A7B2416BFFE5B6A02B6C98B2B2071A8
Requests: 4 HTTP requests in this frame
Frame:
https://www.skateprogression.com/FedEx%20Edit/files/saved_resource(1).html
Frame ID: CB49CA0E7D8EF29679B4D95C31E0650B
Requests: 4 HTTP requests in this frame
Frame:
https://fedex.demdex.net/dest5.html?d_nsid=0
Frame ID: 16CFFB98EB71B592A7A91740C8622A72
Requests: 1 HTTP requests in this frame
Frame:
https://player.ooyala.com/ooyala_storage.html
Frame ID: 14676AE9C492E6966198C4E8EA880961
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.skateprogression.com/FedEx%20Edit
HTTP 301
https://www.skateprogression.com/FedEx%20Edit/ HTTP 302
https://www.skateprogression.com/FedEx%20Edit/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fi... Page URL
Detected technologies
Adobe Experience Manager
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc\/clientlibs\//i
- script /\/etc.clientlibs\//i
Java
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/etc\/clientlibs\//i
- script /\/etc.clientlibs\//i
Adobe DTM
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/\/assets.adobedtm.com\//i
CloudFlare
(CDN)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- headers server /^cloudflare$/i
DoubleClick Floodlight
(Advertising Networks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /https?:\/\/fls\.doubleclick\.net/i
SiteCatalyst
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /\/s[_-]code.*\.js/i
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
Page Statistics
9 Outgoing links
These are links going to different origins than the main page.
URL: https://www.fedex.com/en-us/home.html
Title:
Title:
Search URL Search Domain Scan URL
URL: https://www.fedex.com/en-us/home.html
Title: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Your IP address (2a01:4f8:192:5414::2) have been logged for security purposes.
Title: Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Your IP address (2a01:4f8:192:5414::2) have been logged for security purposes.
Search URL Search Domain Scan URL
URL: https://getrewards.fedex.com/
Title: Rewards
Title: Rewards
Search URL Search Domain Scan URL
URL: https://www.fedex.com/us/fcl/pckgenvlp/insight/
Title: Insight
Title: Insight
Search URL Search Domain Scan URL
URL: https://www.fedex.com/en-us/customer-support/claims.html
Title: Claims
Title: Claims
Search URL Search Domain Scan URL
URL: https://www.fedex.com/en-us/quick-help/sm_history.html
Title: Shipping History
Title: Shipping History
Search URL Search Domain Scan URL
URL: https://www.fedex.com/en-us/billing-online.html
Title: Billing
Title: Billing
Search URL Search Domain Scan URL
URL: https://www.fedex.com/us/tracking/f_quickhelp.html
Title: NEED HELP?
Title: NEED HELP?
Search URL Search Domain Scan URL
URL: https://www.fedex.com/apps/fdmenrollment/
Title: Get Started
Title: Get Started
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.skateprogression.com/FedEx%20Edit
HTTP 301
https://www.skateprogression.com/FedEx%20Edit/ HTTP 302
https://www.skateprogression.com/FedEx%20Edit/login.php?rand=13InboxLightaspxn.1774256418&fid.4.1252899642&fid=1&fav.1&rand.13InboxLight.aspxn.1774256418&fid.1252899642&fid.1&fav.1&email=&.rand=13InboxLight.aspx?n=1774256418&fid=4 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 26- https://dpm.demdex.net/id?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E22171B520E93BF0A490D44%40AdobeOrg&d_nsid=0&ts=1587904440752 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=2.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E22171B520E93BF0A490D44%40AdobeOrg&d_nsid=0&ts=1587904440752
- https://fedex.tt.omtrdc.net/m2/fedex/ubox/image?mbox=3rdPartySet&mboxHost=www.skateprogression.com&mboxDefault=https://cimage.adobe.com/onepixel.gif&mboxXDomain=enabled&mboxSession=077e7bb9993d42b0a19fc2657f5fda8f&profile.thirdPartyCookieSet=true&mboxPC=077e7bb9993d42b0a19fc2657f5fda8f.26_15 HTTP 302
- https://cimage.adobe.com/onepixel.gif
72 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
login.php
www.skateprogression.com/FedEx%20Edit/ Redirect Chain
|
58 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rolka.gif
www.skateprogression.com/html/skateprogression.com/img/ |
338 KB 338 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
catcher.js
kajfghlhfkcocafkcjlajldicbikpgnp/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s93591262351213
www.skateprogression.com/FedEx%20Edit/files/ |
3 KB 3 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
f.txt
www.skateprogression.com/FedEx%20Edit/files/ |
40 B 176 B |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.fb50358df4c2bd6aa6e1dd5b0d9b9d29.js
www.skateprogression.com/FedEx%20Edit/files/ |
111 KB 37 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homepage.min.452bb7966cffb2be804335129d53287d.css
www.skateprogression.com/FedEx%20Edit/files/ |
438 KB 59 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
secureCheck.min.42010d584c990b029ec1fef9052d4f79.js
www.skateprogression.com/FedEx%20Edit/files/ |
3 KB 974 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satelliteLib-3d572d82e882030a8850fcead05e17462ad161ac.js
www.skateprogression.com/FedEx%20Edit/files/ |
142 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mbox-contents-8d4600b0866454fd3a244faee455cca08c786d12.js
www.skateprogression.com/FedEx%20Edit/files/ |
72 KB 25 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
33af3c9a
www.skateprogression.com/FedEx%20Edit/files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sessioncam.recorder.js
www.skateprogression.com/FedEx%20Edit/files/ |
273 KB 70 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s-code-contents-b3d5275fdca06ca6e2c6721104ca42cc1f30a2f4.js
www.skateprogression.com/FedEx%20Edit/files/ |
189 KB 59 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-5959e13664746d6f1a0106eb.js
www.skateprogression.com/FedEx%20Edit/files/ |
1 KB 819 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-594bfa3264746d3fce00d53a.js
www.skateprogression.com/FedEx%20Edit/files/ |
1 KB 678 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
virtualagent-us.min.css
www.skateprogression.com/FedEx%20Edit/files/ |
21 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
virtualagent.min.js
www.skateprogression.com/FedEx%20Edit/files/ |
275 KB 55 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
config.aspx
www.skateprogression.com/FedEx%20Edit/files/ |
145 B 279 B |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo.png
www.skateprogression.com/FedEx%20Edit/files/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
sprite-placeholder.png
www.skateprogression.com/FedEx%20Edit/files/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
form_help.png
www.skateprogression.com/FedEx%20Edit/Files/ |
11 KB 11 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
delivery_driver_home_express_shipping_1511023269.jpg
www.skateprogression.com/FedEx%20Edit/files/ |
71 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
FED03324_FY19_Summer_FX_Ground_US_HP_ContainerDrawer_727x643_C_1039825184.jpg
www.skateprogression.com/FedEx%20Edit/files/ |
232 KB 233 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
lodash.min.js
www.skateprogression.com/FedEx%20Edit/files/ |
67 KB 22 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
homepage.min.e3c9a0b7e8a87ae9989a660683765054.js
www.skateprogression.com/FedEx%20Edit/files/ |
562 KB 138 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-5a4d184d64746d57b6001018.js
www.skateprogression.com/FedEx%20Edit/files/ |
130 B 200 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bd-1-30
www.skateprogression.com/FedEx%20Edit/files/ |
55 KB 55 KB |
Script
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
214 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mbox-contents-8d4600b0866454fd3a244faee455cca08c786d12.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/ |
76 KB 28 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
config.aspx
ws.sessioncam.com/Record/ |
0 0 |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
json
fls.doubleclick.net/ |
40 B 231 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
modernizr.min.js
www.fedex.com/templates/components/libraries/1.1/modernizr/2.6.1/ |
16 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
onepixel.gif
cimage.adobe.com/ Redirect Chain
|
49 B 353 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
menu-sprite.png
www.skateprogression.com/FedEx%20Edit/images/ |
11 KB 11 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Brand_20171207_Homepage_Hero_Aug152018_1766145666.png
www.skateprogression.com/files/ |
11 KB 11 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Regular.ttf
www.skateprogression.com/FedEx%20Edit/common/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
flags.png
www.skateprogression.com/FedEx%20Edit/images/ |
11 KB 11 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
footer-sprite.png
www.skateprogression.com/FedEx%20Edit/images/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Light.ttf
www.skateprogression.com/FedEx%20Edit/common/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Roboto-Bold.ttf
www.skateprogression.com/FedEx%20Edit/common/css/fonts/ |
0 0 |
Font
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-5a4d184d64746d57b6001018.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/ |
130 B 376 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s-code-contents-b3d5275fdca06ca6e2c6721104ca42cc1f30a2f4.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/ |
220 KB 62 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
id
smetrics.fedex.com/ |
48 B 251 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sessioncam.recorder.js
d2oh4tlt9mrke9.cloudfront.net/Record/js/ |
257 KB 57 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
activityi.html
www.skateprogression.com/FedEx%20Edit/files/ Frame 878C |
831 B 525 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
_data
www.skateprogression.com/_bm/ |
11 KB 3 KB |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
VA_Icon.png
www.fedex.com/content/dam/fedex-com/images/us/va-nina/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
VA_Tagline.png
www.fedex.com/content/dam/fedex-com/images/us/va-nina/ |
2 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rolka.gif
www.skateprogression.com/html/skateprogression.com/img/ Frame 878C |
338 KB 338 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
catcher.js
kajfghlhfkcocafkcjlajldicbikpgnp/ Frame 878C |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dc_pre=CJHTgcGNld0CFVTjGwodgHgPTA
www.skateprogression.com/FedEx%20Edit/files/ Frame 878C |
42 B 350 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
saved_resource.html
www.skateprogression.com/FedEx%20Edit/files/ Frame 9A7B |
607 B 567 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
saved_resource(1).html
www.skateprogression.com/FedEx%20Edit/files/ Frame CB49 |
607 B 406 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rolka.gif
www.skateprogression.com/html/skateprogression.com/img/ Frame CB49 |
338 KB 338 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
catcher.js
kajfghlhfkcocafkcjlajldicbikpgnp/ Frame CB49 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ra.pixel
www.skateprogression.com/FedEx%20Edit/files/ Frame CB49 |
43 B 384 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rolka.gif
www.skateprogression.com/html/skateprogression.com/img/ Frame 9A7B |
338 KB 338 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
catcher.js
kajfghlhfkcocafkcjlajldicbikpgnp/ Frame 9A7B |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ra.pixel
www.skateprogression.com/FedEx%20Edit/files/ Frame 9A7B |
43 B 125 B |
Image
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
autoptimize_c31b1dddb9c73df3ec81f7c01c845712.js
www.skateprogression.com/wp-content/cache/autoptimize/js/ |
170 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
autoptimize_f267d32eefa437619db8c3122ef24485.css
www.skateprogression.com/wp-content/cache/autoptimize/css/ |
291 KB 47 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
houston.html
agent.nuance-va.com/houston/ |
2 B 62 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST |
fedexlogin
www.fedex.com/etc/services/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-5959e13664746d6f1a0106eb.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/ |
1 KB 984 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
satellite-594bfa3264746d3fce00d53a.js
assets.adobedtm.com/7d22d70439461d29ed62de66a54d3d615b02b63e/scripts/ |
1 KB 839 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
virtualagent-us.min.css
www.skateprogression.com/etc/clientlibs/fedex/components/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
virtualagent.min.js
www.skateprogression.com/etc/clientlibs/fedex/components/virtualagent-us/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
dest5.html
fedex.demdex.net/ Frame 16CF |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
core.min.js
player.ooyala.com/static/v4/stable/4.18.15/ |
543 KB 143 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
main_html5.min.js
player.ooyala.com/static/v4/stable/4.18.15/video-plugin/ |
51 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ooyala_storage.html
player.ooyala.com/ Frame 1467 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
html5-skin.min.js
www.fedex.com/etc/clientlibs/fedex/components/ooyala-player/js/ |
445 KB 110 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- kajfghlhfkcocafkcjlajldicbikpgnp
- URL
- chrome-extension://kajfghlhfkcocafkcjlajldicbikpgnp/catcher.js
- Domain
- kajfghlhfkcocafkcjlajldicbikpgnp
- URL
- chrome-extension://kajfghlhfkcocafkcjlajldicbikpgnp/catcher.js
- Domain
- kajfghlhfkcocafkcjlajldicbikpgnp
- URL
- chrome-extension://kajfghlhfkcocafkcjlajldicbikpgnp/catcher.js
- Domain
- kajfghlhfkcocafkcjlajldicbikpgnp
- URL
- chrome-extension://kajfghlhfkcocafkcjlajldicbikpgnp/catcher.js
- Domain
- www.fedex.com
- URL
- https://www.fedex.com/etc/services/fedexlogin
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fedex (Transportation)158 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate object| FDX object| fdx function| $ function| jQuery object| matched object| browser function| Visitor object| _satellite object| s_c_il number| s_c_in function| targetPageParams object| _adobe object| s string| data string| route object| targetGlobalSettings object| adobe object| ___target_traces function| mboxCreate function| mboxDefine function| mboxUpdate string| bazadebezolkohpepadr object| html5 function| html5shim object| sessionCamRecorder function| SessionCamRecorder number| scInitTime0 function| sessionCamJQuery function| fdx_initSCVars function| fdx_debug function| fdx_setCookie function| fdx_getCookie function| fdx_campaign function| fdx_gup function| fdx_fireSDotT function| fdx_fireSDotTL function| fdx_iSrch function| scIS function| fdx_scIS function| logLinkView function| fdx_logLinkView function| setLinkView function| fdx_setLinkView function| fdx_getLinkView function| fdx_linkFormat function| fdx_trackMapping function| fdx_logDownload function| fdx_createCustomEvent function| fdx_dispatchCustomEvent function| fdx_fireCustomEvent function| logPageView function| fdx_logPageView function| logPurchase function| fdx_logProdView function| fdx_convertToStr function| fdx_logChat function| fdx_logTrackPOD function| fdx_logFXO function| s_doPlugins function| fdx_initPlugins function| AppMeasurement_Module_Media function| AppMeasurement_Module_Integrate function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq function| fdx_runSCode function| fdx_initSCode function| DIL number| s_objectID number| s_giq string| sc_code_ver string| sc_code_ver_date string| s_version string| s_account string| nltrk object| s_Integrate_DFA string| v string| sc_s_etrid string| sc_s_acxrid string| sc_fcl_uuid function| appTarget boolean| isOpera boolean| isFirefox boolean| isSafari boolean| isChrome boolean| isIE undefined| firefoxVersion undefined| ieVersion string| chromeVersion undefined| safariVersion undefined| firefoxPosition undefined| iePosition undefined| ieEnd number| chromePosition number| chromeEnd undefined| safariPosition undefined| safariEnd object| Nina object| ModernizrForNina object| NinaVars object| img string| s_tnt string| tntVal function| validate function| _ function| Swipe object| WTRK function| initTimer function| silentCountdown function| countdown function| initFDX_SA_Map object| skin function| schLoadTracking function| autoExpandAccordion function| DP_jQuery_1587904440916 object| jQuery1124017579045610908772 object| fdxTnt object| s_5_Integrate_DFA_get_0 string| fdx_locale object| scRec string| ua object| tem object| M object| mobilePatt boolean| isMobile boolean| returnType string| osTemp string| browserType string| fdx_browserType number| fdx_browserVMajor function| openModal object| _cf object| _ac object| bmak string| _sd_trace function| fdx_spSrch function| fdx_logPurchase function| fdx_logPurchaseMAGS function| fdx_logPurchaseMAGR function| fdx_logPurchaseWREG function| processData object| Modernizr function| yepnope object| NinaPostQualif object| OO undefined| Hazmat function| jsSHA object| LZW object| base64 object| callbackQueue function| generateDeviceId object| Ooyala object| global undefined| callback9 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .skateprogression.com/ | Name: __cfduid Value: d3ae021b642e6d3eb6fd693edc3e31c191587904436 |
|
| www.skateprogression.com/ | Name: sc.Status Value: 2 |
|
| .skateprogression.com/ | Name: AMCVS_1E22171B520E93BF0A490D44%40AdobeOrg Value: 1 |
|
| .skateprogression.com/ | Name: Nina-nina-fedex-session Value: %7B%22locale%22%3A%22en_us%22%2C%22lcstat%22%3Afalse%7D |
|
| .skateprogression.com/ | Name: s_pers Value: %20s_dfa%3Dfedexglbldev%252Cfedexglobaldev%7C1587906241008%3B |
|
| www.skateprogression.com/ | Name: sc.ASP.NET_SESSIONID Value: undefined |
|
| .skateprogression.com/ | Name: s_sess Value: %20setLink%3D%3B |
|
| .skateprogression.com/ | Name: AMCV_1E22171B520E93BF0A490D44%40AdobeOrg Value: -894706358%7CMCIDTS%7C18379%7CMCMID%7C78000982758813214602435609272837126455%7CMCAAMLH-1588509240%7C6%7CMCAAMB-1588509240%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1587911640s%7CNONE%7CMCAID%7CNONE%7CvVersion%7C2.3.0 |
|
| .skateprogression.com/ | Name: check Value: true |
4 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
agent.nuance-va.com
assets.adobedtm.com
cimage.adobe.com
d2oh4tlt9mrke9.cloudfront.net
dpm.demdex.net
fedex.demdex.net
fedex.tt.omtrdc.net
fls.doubleclick.net
kajfghlhfkcocafkcjlajldicbikpgnp
player.ooyala.com
smetrics.fedex.com
ws.sessioncam.com
www.fedex.com
www.skateprogression.com
kajfghlhfkcocafkcjlajldicbikpgnp
www.fedex.com
13.224.186.14
15.188.105.205
151.101.14.27
192.135.86.138
216.58.207.38
2606:4700:3033::681b:b277
2a02:26f0:6c00:19d::2070
2a02:26f0:6c00:28a::1e80
2a02:26f0:6c00:298::11e2
52.209.191.154
54.152.53.96
54.77.236.71
66.117.29.11
260eb38b160b97c73bcd23109f5261dd49cd09fcc36283e95c719b86b322b41a
2dd42af252b85be303db754dd37c9f145dd655d8e8714cf2fd1ec068f625ab38
38ad4fa0d3a1b46734ceed24fe13ece69d170c9d6806fd8baac59deb83541f38
3a45130d0b8f72cb4bded19108e073babbe8c38e1bfe47e63624e07d2627ac9c
415711f176e3461d12c6e06fd97d19124f2327f9d3ec5b72051e1533b08151f6
469ba37f8b7b6e59c6986f92756708fd0a39db7f05b6f231da2f6d281d7266e2
4c219b564ba5daf4e2fc3edb8956d00bf8803728e42a9904c2576925d3f8fc4a
5095db88ad1749ffcf51aa2c57a9e3a337060fa1c06a99218a3169bd5f80b18e
56b7e8ca4092fc7f4ce541932df6a5d30143414550046ab65387c5f4c134ad21
57093d2c3a67ebfd35e3fafc765d90c024db25b1db74b63f152b80dbbfe72318
6e0ed33aab34a573975c9695ab5d52c62f1030db9859c166dfc14089dc2aa03b
6e37c6b285e0b3135a282aece3971e078fd476e609df4a7e68d78dc773c99841
6f46e13ab4b86da0407a98685e6cdf678aa732e29335fe0f441c2b816ddf0e46
70112db810e9e57739f102c7ed334cc51828a130a90ff1aff8ab7ce017953737
72cdde54cb5873078eccfab3f4d0e94a6d375e2a767fe66882601663686eed43
7c2ae46cdb2f40f9bd67ea21a75aa5a83689864fd41985ecf516b70ff1b4ef3d
7c2d923dadf472a1c8811de791a495f95c53cbf97f24c45933acaa6a87d7360d
863bc3f024591eb4b7a4f4e1937cfe149b28bc60526740a9b59758326c47a1fb
86bfe4efeae91570b016d3d8d0c8c4952e99b64ea680f4fe9b4b25d9d9095fc0
86de8319a3a9996e95c3e087e0e3af38d80e148b6c5c1982362e6c45e339ba3e
86ed319c6b2f67568428d0269f2439ce33001405582c3a3bc268b68cc127e2e1
8a68ca98e0ea2429c43b01c7876224cecc6b7d5b69a75773d95c228bf93d9950
8c52da6d1afc72da93e7f36183c88e9a4ced3054ed9983a06c52911691801002
8ca2aef826aaec09205dc6cc4a3244134ab493ba95a9249d5eb423ebf3293c34
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b94893c959d7561c221f89e3bed15a64459779028b515dcd554d0a9549e2373
9f0173ed05fe8618c76272aaae6711ae0fa7ece07de8522cb6b0159d22b691f5
a15cde44dcb54e4626553d2d97d338bb599cd00ee0853931f070b69e3fff7c33
a26d90127ab0cac3109c6756915896dfc5f83641aa6fbae81650a21462ad61ba
a37a87da38ccf9c7b7a3f1d6530664eca9381fe709d0b4b625c1ab889924c928
a522687d8b152efdd12ccec781f54d91fa60de20408684f1ef41c1e672619c56
a6394e7afd335ba72d8ba623e6f46f8e63fbc9b7099c8cde97eed1d09278d296
a7568e5f136f73ab7d2f2db11140b4ed9b20e67c4757b3921fc315524c059350
a9f95a4b93072f54addbce5356203b3bf179ce6e38b08bc529994dea818bbe70
ad5954d6cf2a097ef3ad929c192cfd0eb038029786c173e780e55f1600e9fd58
b095ef5df86bbd13cecf9b949136d3b5314097010a2ef01204dcc8cf0d0ffe18
be1fcf476fd6c5c8a4631c9e9d881505fadec1a571c857a097e6e0dddae99511
d67126d648d36c87038666a01ba245a703041d106ad00c1f3ce215a3cf24a94e
d856df6160484a9c19c5b618ec4fa4b8fa1036fa63e46e953d67c1ce7d529f84
de74143e9a4014a5aa6f6f3987683c8d1d63cdaf0251e07c1a1a36e5ef15ef25
e08bbd30b25c89f6db1dc380ba48070f55cbf80d349c44cf43603fe357e0b2c7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4f66101e4ef89eff8d7f6676256fcc23659d124139496c3733e679a24dd4f92
e9de7e26c9af722791eef41ac51932e6cf446cc5f29cceccbb117c7a27e5411e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0055891f09fff4839b344a4af5e0482696cab0e0bf307455661ba4056c787ee
f2d6e50322634e87767775e688831be89315bbaf414bea9c1bf84157d5638c30
f7552fbc16f5febff754823225e9d238721424e2386300368b75033f37e7a370
f90f558cd7766035ff145d010df3110e71b26699ce3ef983ff3e00c0248fdfc4