updates.social27.com
Open in
urlscan Pro
20.57.185.196
Malicious Activity!
Public Scan
Submitted URL: https://slitly.com/JoPBz
Effective URL: https://updates.social27.com/wp-content/now/shaw/web/login.php?alservlet/PNCOnlineBankingServletLogin/overviewAccounts/overvi...
Submission: On September 08 via manual from CA — Scanned from CA
Effective URL: https://updates.social27.com/wp-content/now/shaw/web/login.php?alservlet/PNCOnlineBankingServletLogin/overviewAccounts/overvi...
Submission: On September 08 via manual from CA — Scanned from CA
Summary
This website contacted 21 IPs
in 3 countries
across 19 domains to perform 59 HTTP transactions.
The main IP is 20.57.185.196, located in
United States and
belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US.
The main domain is updates.social27.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 10th 2023. Valid for: a year.
This is the only time updates.social27.com was scanned on urlscan.io!
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 10th 2023. Valid for: a year.
This is the only time updates.social27.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Shaw (Telecommunication)Domain & IP information
19
184.29.162.148
(Piscataway, United States)
ASN16625 (AKAMAI-AS, US)
PTR: a184-29-162-148.deploy.static.akamaitechnologies.com
ASN16625 (AKAMAI-AS, US)
PTR: a184-29-162-148.deploy.static.akamaitechnologies.com
| signin.shaw.ca |
9
99.84.108.42
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-42.iad79.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-99-84-108-42.iad79.r.cloudfront.net
| tags.tiqcdn.com |
2
142.251.16.138
(United States)
ASN15169 (GOOGLE, US)
PTR: bl-in-f138.1e100.net
ASN15169 (GOOGLE, US)
PTR: bl-in-f138.1e100.net
| www.google-analytics.com |
3
52.44.82.50
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-82-50.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-82-50.compute-1.amazonaws.com
| dpm.demdex.net |
3
104.17.208.240
(None, )
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| zn8npxk0tq5ffdul8-rogers.siteintercept.qualtrics.com | |
| siteintercept.qualtrics.com |
2
3.161.213.126
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-126.yul62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-3-161-213-126.yul62.r.cloudfront.net
| cdn.appdynamics.com |
1
54.174.107.76
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-107-76.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-174-107-76.compute-1.amazonaws.com
| datacloud.tealiumiq.com |
1
3.162.3.99
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-99.yul62.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-3-162-3-99.yul62.r.cloudfront.net
| t.contentsquare.net |
1
99.81.83.79
(Dublin, Ireland)
ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-83-79.eu-west-1.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-83-79.eu-west-1.compute.amazonaws.com
| rum-collector-2.pingdom.net |
2
172.253.63.155
(United States)
ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
ASN15169 (GOOGLE, US)
PTR: bi-in-f155.1e100.net
| stats.g.doubleclick.net |
1
172.253.63.97
(United States)
ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
ASN15169 (GOOGLE, US)
PTR: bi-in-f97.1e100.net
| www.googletagmanager.com |
1
52.5.203.46
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-203-46.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-52-5-203-46.compute-1.amazonaws.com
| shaw.demdex.net |
1
54.92.195.210
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-195-210.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-195-210.compute-1.amazonaws.com
| cm.everesttech.net |
1
63.140.38.169
(United States)
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-169.data.adobedc.net
ASN14618 (AMAZON-AES, US)
PTR: ip-63-140-38-169.data.adobedc.net
| shawtelevision.112.2o7.net |
2
50.16.197.56
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-50-16-197-56.compute-1.amazonaws.com
| loadm.exelator.com |
1
37.19.206.6
(Ashburn, United States)
ASN60068 (CDN77 ^_^, GB)
PTR: 476000398.ash.cdn77.com
ASN60068 (CDN77 ^_^, GB)
PTR: 476000398.ash.cdn77.com
| load77.exelator.com |
2
172.253.115.156
(United States)
ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
ASN15169 (GOOGLE, US)
PTR: bg-in-f156.1e100.net
| cm.g.doubleclick.net |
1
52.37.94.185
(Boardman, United States)
ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-94-185.us-west-2.compute.amazonaws.com
ASN16509 (AMAZON-02, US)
PTR: ec2-52-37-94-185.us-west-2.compute.amazonaws.com
| col.eum-appdynamics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 19 |
shaw.ca
signin.shaw.ca — Cisco Umbrella Rank: 770132 |
192 KB |
| 9 |
tiqcdn.com
tags.tiqcdn.com — Cisco Umbrella Rank: 1209 |
108 KB |
| 4 |
doubleclick.net
2 redirects
stats.g.doubleclick.net — Cisco Umbrella Rank: 96 cm.g.doubleclick.net — Cisco Umbrella Rank: 259 |
1 KB |
| 4 |
demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 234 shaw.demdex.net — Cisco Umbrella Rank: 225667 |
6 KB |
| 4 |
social27.com
1 redirects
updates.social27.com |
99 KB |
| 3 |
exelator.com
2 redirects
loadm.exelator.com — Cisco Umbrella Rank: 1801 load77.exelator.com — Cisco Umbrella Rank: 4019 |
2 KB |
| 3 |
qualtrics.com
zn8npxk0tq5ffdul8-rogers.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 1031 |
26 KB |
| 2 |
google.ca
www.google.ca — Cisco Umbrella Rank: 8913 |
515 B |
| 2 |
google.com
www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 181 |
665 B |
| 2 |
appdynamics.com
cdn.appdynamics.com — Cisco Umbrella Rank: 4424 |
61 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49 |
21 KB |
| 2 |
pingdom.net
rum-static.pingdom.net — Cisco Umbrella Rank: 6459 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 5715 |
3 KB |
| 1 |
eum-appdynamics.com
col.eum-appdynamics.com — Cisco Umbrella Rank: 3273 |
782 B |
| 1 |
2o7.net
shawtelevision.112.2o7.net |
344 B |
| 1 |
everesttech.net
1 redirects
cm.everesttech.net — Cisco Umbrella Rank: 1272 |
517 B |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62 |
80 KB |
| 1 |
contentsquare.net
t.contentsquare.net — Cisco Umbrella Rank: 3760 |
72 KB |
| 1 |
tealiumiq.com
datacloud.tealiumiq.com — Cisco Umbrella Rank: 7120 |
748 B |
| 1 |
slitly.com
1 redirects
slitly.com |
279 B |
| 59 | 19 |
| Domain | Requested by | |
|---|---|---|
| 19 | signin.shaw.ca |
updates.social27.com
signin.shaw.ca |
| 9 | tags.tiqcdn.com |
signin.shaw.ca
tags.tiqcdn.com |
| 4 | updates.social27.com |
1 redirects
updates.social27.com
|
| 3 | dpm.demdex.net |
tags.tiqcdn.com
|
| 2 | cm.g.doubleclick.net | 2 redirects |
| 2 | loadm.exelator.com | 2 redirects |
| 2 | www.google.ca | |
| 2 | siteintercept.qualtrics.com |
cdn.appdynamics.com
|
| 2 | stats.g.doubleclick.net |
www.google-analytics.com
www.googletagmanager.com |
| 2 | cdn.appdynamics.com |
tags.tiqcdn.com
cdn.appdynamics.com |
| 2 | www.google-analytics.com |
tags.tiqcdn.com
www.google-analytics.com |
| 1 | col.eum-appdynamics.com |
cdn.appdynamics.com
|
| 1 | load77.exelator.com | |
| 1 | analytics.google.com |
www.googletagmanager.com
|
| 1 | www.google.com | |
| 1 | shawtelevision.112.2o7.net | |
| 1 | cm.everesttech.net | 1 redirects |
| 1 | shaw.demdex.net |
cdn.appdynamics.com
|
| 1 | www.googletagmanager.com |
cdn.appdynamics.com
|
| 1 | rum-collector-2.pingdom.net |
rum-static.pingdom.net
|
| 1 | t.contentsquare.net |
tags.tiqcdn.com
|
| 1 | datacloud.tealiumiq.com |
tags.tiqcdn.com
|
| 1 | zn8npxk0tq5ffdul8-rogers.siteintercept.qualtrics.com |
tags.tiqcdn.com
|
| 1 | rum-static.pingdom.net |
tags.tiqcdn.com
|
| 1 | slitly.com | 1 redirects |
| 59 | 25 |
This site contains no links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.social27.com Go Daddy Secure Certificate Authority - G2 |
2023-08-10 - 2024-09-10 |
a year | crt.sh |
| san.shaw.ca DigiCert TLS RSA SHA256 2020 CA1 |
2023-08-09 - 2023-12-13 |
4 months | crt.sh |
| tags.tiqcdn.com Amazon RSA 2048 M01 |
2023-04-18 - 2024-05-17 |
a year | crt.sh |
| pingdom.net Cloudflare Inc ECC CA-3 |
2022-11-13 - 2023-11-13 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
| *.demdex.com DigiCert TLS RSA SHA256 2020 CA1 |
2022-09-26 - 2023-10-27 |
a year | crt.sh |
| *.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-03-27 - 2024-03-26 |
a year | crt.sh |
| *.appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-06-21 - 2024-07-21 |
a year | crt.sh |
| *.tealiumiq.com Amazon RSA 2048 M02 |
2023-07-26 - 2024-08-23 |
a year | crt.sh |
| t.contentsquare.net Amazon RSA 2048 M01 |
2023-02-21 - 2023-11-11 |
9 months | crt.sh |
| *.pingdom.net Amazon RSA 2048 M01 |
2023-02-10 - 2023-12-20 |
10 months | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
| *.112.2o7.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-04-10 - 2024-05-10 |
a year | crt.sh |
| www.google.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
| *.google.ca GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
| *.google.com GTS CA 1C3 |
2023-08-14 - 2023-11-06 |
3 months | crt.sh |
| *.eum-appdynamics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-06-14 - 2024-07-14 |
a year | crt.sh |
This page contains 2 frames:
Primary Page:
https://updates.social27.com/wp-content/now/shaw/web/login.php?alservlet/PNCOnlineBankingServletLogin/overviewAccounts/overview/index=BN6k4epZjU7Qoq4FqA0bOQGPdLmEyFRXxYdLqYf3xsfrLcEGARw72GmBaqGbpOCbZTMNAimjon0Hx8EA
Frame ID: 266BAC99F229FB0ED0A7F2BF69F36460
Requests: 56 HTTP requests in this frame
Frame:
https://shaw.demdex.net/dest5.html?d_nsid=0
Frame ID: 73041EC22AAEB1D2327C4E843ACFBF1F
Requests: 3 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://slitly.com/JoPBz
HTTP 301
https://updates.social27.com/wp-content/now/shaw/ HTTP 302
https://updates.social27.com/wp-content/now/shaw/web/login.php?alservlet/PNCOnlineBankingServletLogin/ove... Page URL
Detected technologies
WordPress
(CMS)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- /wp-(?:content|includes)/
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
Bootstrap
(Web Frameworks)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
AppDynamics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adrum
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://slitly.com/JoPBz
HTTP 301
https://updates.social27.com/wp-content/now/shaw/ HTTP 302
https://updates.social27.com/wp-content/now/shaw/web/login.php?alservlet/PNCOnlineBankingServletLogin/overviewAccounts/overview/index=BN6k4epZjU7Qoq4FqA0bOQGPdLmEyFRXxYdLqYf3xsfrLcEGARw72GmBaqGbpOCbZTMNAimjon0Hx8EA Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 47- https://cm.everesttech.net/cm/dd?d_uuid=64940021990884824342079731438683646265 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=ZPt8jgAAAJRacgNP
- https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64940021990884824342079731438683646265 HTTP 302
- https://loadm.exelator.com/load/?p=204&g=091&j=0&bi=64940021990884824342079731438683646265&xl8blockcheck=1 HTTP 302
- https://load77.exelator.com/pixel.gif
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=NjQ5NDAwMjE5OTA4ODQ4MjQzNDIwNzk3MzE0Mzg2ODM2NDYyNjU= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=NjQ5NDAwMjE5OTA4ODQ4MjQzNDIwNzk3MzE0Mzg2ODM2NDYyNjU=&google_tc= HTTP 302
- https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEJBYFJ7FPMT9K21M3wku2AY&google_cver=1?gdpr=0&gdpr_consent=
59 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
login.php
updates.social27.com/wp-content/now/shaw/web/ Redirect Chain
|
45 KB 9 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.css
signin.shaw.ca/assets/css/ |
190 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consolidated-style.css
signin.shaw.ca/assets/css/ |
151 KB 65 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consolidated-masthead.css
signin.shaw.ca/assets/css/ |
23 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consolidated-footer.css
signin.shaw.ca/assets/css/ |
8 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
spinner.css
signin.shaw.ca/assets/css/ |
0 0 |
Stylesheet
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
modal-close.png
signin.shaw.ca/assets/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
questionmark.png
signin.shaw.ca/assets/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icon-help-blue-bkgd.png
signin.shaw.ca/assets/images/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
error_button.png
signin.shaw.ca/assets/images/ |
185 B 314 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
Shaw_Logo.png
signin.shaw.ca/assets/images/ |
7 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
logo-shawdirect-mobile.png
signin.shaw.ca/assets/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
updates.social27.com/wp-content/now/shaw/style/js/ |
84 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
xfi.js
updates.social27.com/wp-content/now/shaw/style/js/ |
6 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery.min.js
signin.shaw.ca/assets/js/ |
88 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bootstrap.min.js
signin.shaw.ca/assets/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
consolidated-script.js
signin.shaw.ca/assets/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
bowser.js
signin.shaw.ca/assets/js/ |
25 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
mail-new.png
signin.shaw.ca/assets/images/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
contact-new.png
signin.shaw.ca/assets/images/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
my-shaw-logo-black.png
signin.shaw.ca/assets/images/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
question-circle-regular.png
signin.shaw.ca/assets/images/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
TedNext-SemiBold.woff2
signin.shaw.ca/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
TedNext-Bold.woff2
signin.shaw.ca/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
TedNext-Regular.woff2
signin.shaw.ca/assets/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
127 KB 36 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
prum.min.js
rum-static.pingdom.net/ |
6 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.8.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
69 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.9.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
23 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.12.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
168 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.14.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.44.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.53.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
4 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.57.js
tags.tiqcdn.com/utag/shaw/uts-shaw-myaccount/prod/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
id
dpm.demdex.net/ |
752 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
/
zn8npxk0tq5ffdul8-rogers.siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
8 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adrum-latest.js
cdn.appdynamics.com/adrum/ |
111 KB 40 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
i.gif
datacloud.tealiumiq.com/shaw/main/2/ |
43 B 748 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
b829dc86-7600-47e9-8cf6-4eb0c3528c7a.js
t.contentsquare.net/uxa/ |
302 KB 72 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
utag.v.js
tags.tiqcdn.com/utag/tiqapp/ |
2 B 431 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
beacon.gif
rum-collector-2.pingdom.net/img/ |
0 213 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
15 B 224 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
4 B 352 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
12.2158c5447122fa995560.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
69 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
223 KB 80 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
adrum-ext.89188edf1c7df38b8e63edb7368e911e.js
cdn.appdynamics.com/ |
53 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
dest5.html
shaw.demdex.net/ Frame 7304 |
7 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=411&dpuuid=ZPt8jgAAAJRacgNP
dpm.demdex.net/ Redirect Chain
|
42 B 940 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
s031354910503
shawtelevision.112.2o7.net/b/ss/shawutsdevelopment/1/JS-2.22.3/ |
43 B 344 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.ca/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
5 KB 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
analytics.google.com/g/ |
0 257 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/g/ |
0 56 B |
Ping
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.ca/ads/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pixel.gif
load77.exelator.com/ Frame 7304 Redirect Chain
|
43 B 366 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
ibs:dpid=771&dpuuid=CAESEJBYFJ7FPMT9K21M3wku2AY&google_cver=1
dpm.demdex.net/ Frame 7304 Redirect Chain
|
42 B 941 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
adrum
col.eum-appdynamics.com/eumcollector/beacons/browser/v1/APP_KEY_NOT_SET/ |
0 782 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- signin.shaw.ca
- URL
- https://signin.shaw.ca/assets/fonts/TedNext-SemiBold.woff2
- Domain
- signin.shaw.ca
- URL
- https://signin.shaw.ca/assets/fonts/TedNext-Bold.woff2
- Domain
- signin.shaw.ca
- URL
- https://signin.shaw.ca/assets/fonts/TedNext-Regular.woff2
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Shaw (Telecommunication)134 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| documentPictureInPicture function| $ function| jQuery object| utag_data function| detectDevice object| errMsg string| siteName string| pageCode string| utag_url function| modifyLinksForDirect function| openChatWindow function| openEmailWindow function| openDirectChatWindow function| openDirectChatWindowFr function| openDirectEmailWindow function| openDirectEmailWindowFr function| closeNav function| signInClicked function| openHelp function| openVodRegister function| openVodLearnMore function| openVodForgot function| openTveLearnMore function| openAkamaiEnGetStartedNowClick function| openAkamaiFrGetStartedNowClick function| openAkamaiCreateShawIdClick function| openAkamaiForgetShawIdClick function| akamaiUnderlineActiveSlide function| openModal function| checkButtonEnable function| getParameterByName function| setAnalyticsCallData function| isBrowserSupported function| bowser object| errorCode object| msgKeyPrefix object| serverError object| invalidLoginPasswordErrorCodes boolean| utag_condload object| utag function| loadLibrary object| _prum function| get_url_param function| geoip function| order_total function| order_id function| order_currency function| rgu_count function| product_names function| product_order_types function| lead_form_name function| lead_form_name_clean function| eoid function| is_thanks boolean| __tealium_twc_switch function| get_geo function| aid_prioritize function| cid_prioritize function| tealium_enrichment object| deviceDetector function| clickTrackEvent string| ClickTalePIISelector function| translate_id object| qualified_audiences object| sorted_audience object| priotized_audience_list object| qualified_contentid object| sorted_contentid object| priotized_contentid_list object| adobe function| Visitor string| GoogleAnalyticsObject function| ga object| s function| AppMeasurement_Module_ActivityMap function| AppMeasurement function| s_gi function| s_pgicq object| s_c_il number| s_c_in number| s_objectID number| s_giq object| _uxa object| sobject function| MediaHeartbeat function| MediaHeartbeatConfig function| MediaHeartbeatDelegate function| TealiumMediaHeartbeatDelegate object| ADB number| c string| ZN_8nPXK0Tq5FFdUl8_ed string| ZN_8nPXK0Tq5FFdUl8_sampleRate string| ZN_8nPXK0Tq5FFdUl8_url object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| ADRUM number| adrum-start-time object| QSI object| WAFQualtricsWebpackJsonP-cloud-1.98.1 object| dataLayer object| CS_CONF object| CS_INTEGRATIONS_CONF object| CSPureWindow function| csDate object| csJSON function| csArray function| csString function| csURL function| csMutationObserver object| csScreen object| csquerySelector object| csquerySelectorAll function| csNodechildNodes function| csNodeparentNode function| csNodenextSibling function| csNodefirstChild function| csElementshadowRoot function| csElementmatches function| csElementwebkitMatchesSelector function| csHTMLImageElementsrc function| csEventtarget function| csNavigatorsendBeacon object| CSPathComputation object| eventListenerMap object| UXAnalytics object| s_Obj function| s_PPVevent number| s_PPVt object| s_i_shawutsdevelopment object| google_tag_manager object| _qsie25 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| slitly.com/ | Name: PHPSESSID Value: 62c0b1589badbe893b2965b23b9d8000 |
|
| slitly.com/ | Name: short_512 Value: 1 |
|
| .social27.com/ | Name: _cs_mk Value: 0.5016657124784276_1694203021619 |
|
| .social27.com/ | Name: _ga Value: GA1.2.623546868.1694203022 |
|
| .social27.com/ | Name: _gid Value: GA1.2.260975547.1694203022 |
|
| .social27.com/ | Name: _gat_tealium_0 Value: 1 |
|
| .tealiumiq.com/ | Name: TAPID Value: shaw/main>018a765e88c4001421e52d1089a60307400d606c00b08| |
|
| .social27.com/ | Name: utag_main Value: v_id:018a765e88c4001421e52d1089a60307400d606c00b08$_sn:1$_se:1$_ss:1$_st:1694204821510$ses_id:1694203021510%3Bexp-session$_pn:1%3Bexp-session$vapi_domain:social27.com$dc_visit:1$dc_event:1%3Bexp-session$dc_region:us-east-1%3Bexp-session |
|
| .demdex.net/ | Name: demdex Value: 64940021990884824342079731438683646265 |
|
| .social27.com/ | Name: AMCVS_5F34123F5245B4A70A490D45%40AdobeOrg Value: 1 |
|
| .social27.com/ | Name: p_url Value: https%3A%2F%2Fupdates.social27.com%2Fwp-content%2Fnow%2Fshaw%2Fweb%2Flogin.php%3Falservlet%2FPNCOnlineBankingServletLogin%2FoverviewAccounts%2Foverview%2Findex%3DBN6k4epZjU7Qoq4FqA0bOQGPdLmEyFRXxYdLqYf3xsfrLcEGARw72GmBaqGbpOCbZTMNAimjon0Hx8EA |
|
| .social27.com/ | Name: s_nr Value: 1694203021864-New |
|
| .social27.com/ | Name: gpv Value: login%7Cmyacct-cable-web |
|
| .social27.com/ | Name: s_ppvl Value: %5B%5BB%5D%5D |
|
| .social27.com/ | Name: s_depth Value: 1 |
|
| .social27.com/ | Name: s_cc Value: true |
|
| .everesttech.net/ | Name: everest_g_v2 Value: g_surferid~ZPt8jgAAAJRacgNP |
|
| .social27.com/ | Name: _ga_07RVZHNH00 Value: GS1.2.1694203022.1.0.1694203022.60.0.0 |
|
| .dpm.demdex.net/ | Name: dpm Value: 64940021990884824342079731438683646265 |
|
| .social27.com/ | Name: AMCV_5F34123F5245B4A70A490D45%40AdobeOrg Value: -1124106680%7CMCIDTS%7C19609%7CMCMID%7C65060458663203916382056449652233456749%7CMCAAMLH-1694807821%7C7%7CMCAAMB-1694807821%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1694210221s%7CNONE%7CMCSYNCSOP%7C411-19616%7CvVersion%7C5.2.0 |
|
| .demdex.net/ | Name: dextp Value: 3-1-1694203022081|771-1-1694203022182 |
|
| .social27.com/ | Name: s_ppv Value: login%257Cmyacct-cable-web%2C100%2C100%2C1200%2C1600%2C1200%2C1600%2C1200%2C1%2CL |
|
| .exelator.com/ | Name: EE Value: "07bb5c9221178567ffb71acc37997bd0" |
|
| .exelator.com/ | Name: ud Value: "eJxrXxzq6XKLQcHAPCnJNNnSyMjQ0NzC1Mw8LS3J3DAxOdnY3NLSPCnFYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQbEl%252BUWb6ImfHxUUpaQyLSopPBR%252B11gcAkCMpmA%253D%253D" |
|
| .doubleclick.net/ | Name: IDE Value: AHWqTUmc5fc-3AXgNpWepNiFkvd7U_w9p1p3Y7nbKGrfEI-Sv_dnimtj6_cOMWZaLPo |
8 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
analytics.google.com
cdn.appdynamics.com
cm.everesttech.net
cm.g.doubleclick.net
col.eum-appdynamics.com
datacloud.tealiumiq.com
dpm.demdex.net
load77.exelator.com
loadm.exelator.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
shaw.demdex.net
shawtelevision.112.2o7.net
signin.shaw.ca
siteintercept.qualtrics.com
slitly.com
stats.g.doubleclick.net
t.contentsquare.net
tags.tiqcdn.com
updates.social27.com
www.google-analytics.com
www.google.ca
www.google.com
www.googletagmanager.com
zn8npxk0tq5ffdul8-rogers.siteintercept.qualtrics.com
signin.shaw.ca
104.17.208.240
104.22.54.104
142.251.16.138
142.251.163.94
142.251.167.104
172.253.115.156
172.253.63.155
172.253.63.97
184.29.162.148
20.57.185.196
216.239.34.181
3.161.213.126
3.162.3.99
37.19.206.6
50.16.197.56
52.37.94.185
52.44.82.50
52.5.203.46
54.174.107.76
54.92.195.210
63.140.38.169
65.60.61.211
99.81.83.79
99.84.108.42
008173396c9d4ece00fe743d6f85abd9171294cf73a3a7f1a978ad4bfddf1893
031e049f9bb0dd39dab92e42f3ca0d9dc1190b8015591da137d5a51c3052736a
082fcc28d6a62b19db0fb69af112c06bfa90076b2cb3bcce9ea44ceafe446420
18f1f0c943c7821f8caeb0dc877a14fb4394af598153e6bfbe5da55cb32a75fc
1d5cfe14d65accc4bd1df0d7c3bb65be70d0f4e94a5f9d40465343a2807548ae
2b135962d931b7e09b821df371702ab8220b030ea72c7b872048ac5fa9b0c1ea
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
30b07af0c79b6241e9cd0ac1b56006cefb70b6204d9a1eb98a61b7b73e3fb7a5
3a6aa1b09f9e93c455079a2576bd8a1e59f00c16855d7d04082d5c0a937b818d
3b75e88c7795786c3a1f31131502b80bbc12b17db5451fc909dbe06ed2985fd9
3be38cc3f58acf7830b0044231660d13aa7dd86fe49285659ab127d28023b755
3de0670375c8a9763362d95d2863c6e1e0360fa3f900c4e9b4b1a10194e3fe89
3ffa650c99d2ab1f576f34e4db663f8ef8d962b28f53c3b0db0f85c50db533d8
4e8e84e7f6a6e6eac655b7daabd96fe40eb805954c411f7463c162e978245eaa
4fec3dd5fe01ced5e32bf326e305e00a1eeb39059423e967145ab13e90688cc3
6014d9f259183e2191d47425d562172ca5c2237ee1d4846e7664ea1c02a99946
62d52939221d6b877da9f1d5aed8be3616d8d87a467500046950c5071d25c0bd
697e541b2f182b24b7e56b9a1807fd0ce4241e0e1e289c64f16fc365643fe495
6df486ea6e03946f2f54d3520f748119852867965ac98da46cd1a8891b4a305e
74ec8a1a4a301bacac2785fe3762a8f94be1d86bb6c2bc6a02fa00f5a82fce29
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7ec7020297221b46af3b136ba88e23ef26f35519dcf32436d22b0e635074776f
8122789605535d11db8df7637f82781735476bcb1d291c78b605985d4157dfae
8685bca4bb29a8a8289c3effd282cb8718a7d14da65f1397481f213b15469f50
8e09aa31f396ea41d698f437dc5fc7125e931d400eb2873f5b68ef78c1e6f3a6
8fa81dfdeb324d3878059c63f8bf833a8377fba6acc9b896626ea351690d325a
9e962c9f76648fe5cd2745c6e928546830b55982355b9cee7fffb92510b99a02
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
b23e4e5b5ff1cc0bba8d21f685b90f5a3a2825c9a19b821ca7f2e22da615fef1
b4c15eaf3b936489e49d484475bd3779f31c9760cbadc3197720742673889f43
ba05a45516105cdb52c887d55a94383257ef2a94d4a30307ce311b47c4a74c98
bed436846e3c54d8de2f41abd659293e34c5de8180001895a943cd1d796da639
bf917bb5d81e32093db2093b266c8cc3364cabd40ad64d011cb0c9b91823141a
c0bcf7898fdc3b87babca678cd19a8e3ef570e931c80a3afbffcc453738c951a
c17848916b072cee558b852e6d24dea34f27ff3ca3844fe5dc19209b021090ff
cd4a0d95e6e0f2e0125cec1d50101465adada2ce4c9a2c11b67a6e873a9f983b
d4519118cc3c1f3d003282e4401446f0b698e3f6db7e2393714aa752e517cbdf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dff4afcab9ee2405927b00b6d9b888a512fb26536b17501b93d525d60e43512a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e848d6ac6b70883fd9339688f56773a403e80ff00af01cf9414a427703888033
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f00ad3d529b0a5972933c983b166e0ea4c9ff0276c34feb58f8307d3731bd934
f560f7104d2663728abc2e865575b9505dbf688a4d65c5c4b72ff91a59012fa2