fedexs.net
107.180.14.67
Malicious Activity!
Public Scan
Submission: On August 12 via api from QA
Summary
This is the only time fedexs.net was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Fedex (Transportation)
Domain & IP information
ASN | PTR | Domains |
---|---|---|
ASN26496 (AS-26496-GO-DADDY-COM-LLC, US) | ip-107-180-14-67.ip.secureserver.net | fedexs.net |
ASN16625 (AKAMAI-AS, US) | a23-37-55-19.deploy.static.akamaitechnologies.com | img1.wsimg.com |
ASN15169 (GOOGLE, US) | | translate.googleapis.com |
ASN16509 (AMAZON-02, US) | ec2-34-252-102-139.eu-west-1.compute.amazonaws.com | dpm.demdex.net |
ASN15169 (GOOGLE, US) | | www.googletagmanager.com |
ASN15169 (GOOGLE, US) | fra16s12-in-f198.1e100.net | fls.doubleclick.net |
ASN20940 (AKAMAI-ASN1, EU) | a2-16-186-56.deploy.static.akamaitechnologies.com | fast.fedex.demdex.net |
ASN16509 (AMAZON-02, US) | ec2-15-236-9-100.eu-west-3.compute.amazonaws.com | metrics.fedex.com |
ASN16509 (AMAZON-02, US) | ec2-54-194-111-119.eu-west-1.compute.amazonaws.com | fedex.tt.omtrdc.net |
ASN15169 (GOOGLE, US) | mil04s23-in-f98.1e100.net | www.googleadservices.com |
ASN15169 (GOOGLE, US) | | googleads.g.doubleclick.net |
ASN13335 (CLOUDFLARENET, US) | | static-v.tawk.to, va.tawk.to, vsa30.tawk.to |
ASN16625 (AKAMAI-AS, US) | a104-111-239-74.deploy.static.akamaitechnologies.com | img.secureserver.net |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
41 | fedexs.net | fedexs.net | 2 MB |
9 | googleapis.com | translate.googleapis.com, fonts.googleapis.com | 100 KB |
7 | tawk.to | embed.tawk.to, static-v.tawk.to, va.tawk.to, vsa30.tawk.to | 116 KB |
4 | demdex.net (1 redirects) | dpm.demdex.net, fast.fedex.demdex.net | 3 KB |
4 | adobedtm.com | assets.adobedtm.com | 128 KB |
3 | jsdelivr.net | cdn.jsdelivr.net | 54 KB |
3 | fedex.com | metrics.fedex.com, wwwtest.fedex.com (Failed) | 1 KB |
3 | google.com | translate.google.com, www.google.com | 1 KB |
2 | secureserver.net (1 redirects) | img.secureserver.net | 2 KB |
2 | gstatic.com | www.gstatic.com | 3 KB |
2 | everesttech.net (2 redirects) | cm.everesttech.net | 748 B |
2 | doubleclick.net | fls.doubleclick.net, googleads.g.doubleclick.net | 2 KB |
2 | googletagmanager.com | www.googletagmanager.com | 70 KB |
1 | google.de | www.google.de | 107 B |
1 | googleadservices.com | www.googleadservices.com | 12 KB |
1 | omtrdc.net | fedex.tt.omtrdc.net | 593 B |
1 | wsimg.com | img1.wsimg.com | 5 KB |
88 | 17 | | |
Requests | Domain | Requested by |
---|---|---|
41 | fedexs.net | fedexs.net |
6 | translate.googleapis.com | translate.google.com, translate.googleapis.com, srcdoc, fedexs.net |
4 | assets.adobedtm.com | fedexs.net, assets.adobedtm.com |
3 | vsa30.tawk.to | embed.tawk.to |
3 | cdn.jsdelivr.net | embed.tawk.to, fedexs.net |
3 | fonts.googleapis.com | embed.tawk.to |
3 | dpm.demdex.net (1 redirects) | fedexs.net |
2 | img.secureserver.net (1 redirects) | fedexs.net |
2 | va.tawk.to | embed.tawk.to |
2 | www.gstatic.com | translate.googleapis.com, fedexs.net |
2 | www.google.com | fedexs.net |
2 | cm.everesttech.net (2 redirects) | |
2 | metrics.fedex.com | assets.adobedtm.com |
2 | www.googletagmanager.com | fedexs.net |
1 | static-v.tawk.to | fedexs.net |
1 | wwwtest.fedex.com | fedexs.net |
1 | embed.tawk.to | fedexs.net |
1 | www.google.de | fedexs.net |
1 | googleads.g.doubleclick.net | www.googleadservices.com |
1 | www.googleadservices.com | www.googletagmanager.com |
1 | fedex.tt.omtrdc.net | assets.adobedtm.com |
1 | fast.fedex.demdex.net | assets.adobedtm.com |
1 | fls.doubleclick.net | assets.adobedtm.com |
1 | img1.wsimg.com | fedexs.net |
1 | translate.google.com | fedexs.net |
88 | 25 | |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
assets.adobedtm.com | DigiCert SHA2 High Assurance Server CA | 2019-10-22 - 2021-10-01 | 2 years |
*.wsimg.com | Starfield Secure Certificate Authority - G2 | 2018-09-25 - 2020-09-25 | 2 years |
upload.video.google.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months |
*.google-analytics.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months |
*.demdex.net | DigiCert SHA2 High Assurance Server CA | 2018-01-09 - 2021-02-12 | 3 years |
*.g.doubleclick.net | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months |
www.google.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months |
www.google.de | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-07-29 - 2021-07-29 | a year |
*.gstatic.com | GTS CA 1O1 | 2020-07-15 - 2020-10-07 | 3 months |
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2020-07-08 - 2021-04-17 | 9 months |
*.secureserver.net | Starfield Secure Certificate Authority - G2 | 2019-10-22 - 2021-10-22 | 2 years |
This page contains 8 frames:
Primary Page:
http://fedexs.net/en-us/home.php
Frame ID: 9B022AC5208EB8A68B408818B5514F11
Requests: 77 HTTP requests in this frame
Frame:
http://fast.fedex.demdex.net/dest5.html?d_nsid=2
Frame ID: C5A2849215A3E91110E41D7885B8DD0D
Requests: 1 HTTP requests in this frame
Frame:
https://translate.googleapis.com/translate_static/css/translateelement.css
Frame ID: 801B592EFB0E90EA427927D2DEDC3480
Requests: 1 HTTP requests in this frame
Frame:
https://translate.googleapis.com/translate_a/l?client=te&alpha=true&hl=en&cb=callback
Frame ID: D05781D12F30D7FD93670D50AF09F88F
Requests: 1 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 174D7D0496B175AFC190CDFCC3202B97
Requests: 1 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: FF0754A233D4423F913D11D533933A27
Requests: 1 HTTP requests in this frame
Frame:
https://fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&subset=latin-ext
Frame ID: 1E8272EE9B8BE514AA3FD082589B2414
Requests: 4 HTTP requests in this frame
Frame:
https://static-v.tawk.to/a-v3/images/bubbles/4-r-br.svg
Frame ID: EB7B4713EE232A82C19B3D94956165F9
Requests: 1 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 43
- http://dpm.demdex.net/id?d_visid_ver=4.4.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E22171B520E93BF0A490D44%40AdobeOrg&d_nsid=2&ts=1597231188954 HTTP 302
- http://dpm.demdex.net/id/rd?d_visid_ver=4.4.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=1E22171B520E93BF0A490D44%40AdobeOrg&d_nsid=2&ts=1597231188954
- http://www.googletagmanager.com/gtag/js?id=AW-863238793&l=dataLayer&cx=c HTTP 307
- https://www.googletagmanager.com/gtag/js?id=AW-863238793&l=dataLayer&cx=c
- http://cm.everesttech.net/cm/dd?d_uuid=72922840796287647493200213256213040201 HTTP 302
- https://cm.everesttech.net/cm/dd?d_uuid=72922840796287647493200213256213040201 HTTP 302
- https://dpm.demdex.net/ibs:dpid=411&dpuuid=XzPQVQAABDL-mS3-
- http://img.secureserver.net/t/1/tl/event?cts=1597231196438&tce=1597231187778&tcs=1597231187766&tdc=0&tdclee=1597231189508&tdcles=1597231189437&tdi=1597231189437&tdl=1597231188034&tdle=1597231187766&tdls=1597231187736&tfs=1597231187735&tns=1597231187735&trqs=1597231187778&tre=1597231188165&trps=1597231188031&tles=0&tlee=0&ht=perf&dh=fedexs.net&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&vci=623428903&cv=1.0.6&z=780338694&vg=2399065c-6438-42c5-9c9e-05bea20ab5be&vtg=2399065c-6438-42c5-9c9e-05bea20ab5be&ap=cpsh&trfd=%7B%22cts%22%3A1597231189437%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0003%22%7D&dp=%2Fen-us%2Fhome.php HTTP 301
- https://img.secureserver.net/t/1/tl/event?cts=1597231196438&tce=1597231187778&tcs=1597231187766&tdc=0&tdclee=1597231189508&tdcles=1597231189437&tdi=1597231189437&tdl=1597231188034&tdle=1597231187766&tdls=1597231187736&tfs=1597231187735&tns=1597231187735&trqs=1597231187778&tre=1597231188165&trps=1597231188031&tles=0&tlee=0&ht=perf&dh=fedexs.net&ua=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36&vci=623428903&cv=1.0.6&z=780338694&vg=2399065c-6438-42c5-9c9e-05bea20ab5be&vtg=2399065c-6438-42c5-9c9e-05bea20ab5be&ap=cpsh&trfd=%7B%22cts%22%3A1597231189437%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22cpsh%22%2C%22server%22%3A%22a2plcpnl0003%22%7D&dp=%2Fen-us%2Fhome.php
88 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
home.php
fedexs.net/en-us/ |
92 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tab_style.css
fedexs.net/en-us/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.1494c0abbe501301e2ab9daecc6082a8.js
fedexs.net/etc.clientlibs/clientlibs/granite/ |
98 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage.min.5e52950c2b53c9b6a4a002bb10323cad.css
fedexs.net/etc.clientlibs/clientlibs/fedex/page/ |
370 KB 61 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
secureCheck.min.08a76e16c8e88938b3db6aa87d731e4c.js
fedexs.net/etc.clientlibs/clientlibs/fedex/ |
5 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
shipping-routing.min.js
fedexs.net/mags/shipping-routing/ |
10 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-EN3932511771fb4e5e9dd852ae89372b59.min.js
assets.adobedtm.com/ |
335 KB 91 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
fedexs.net/content/dam/fedex-com/logos/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sprite-placeholder.png
fedexs.net/content/dam/fedex-com/common/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
delivery_driver_home_express_shipping_1511023269.jpg
fedexs.net/content/dam/fedex/us-united-states/FedEx-Office/images/2018/Q4/ |
71 KB 71 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2f67185d-5209-40f6-b5f6-f0a01358da95.jpg
fedexs.net/content/dam/fedex/us-united-states/G2M/images/2020/Q4/ |
89 KB 89 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_delivery_purple_lg_2143296207.png
fedexs.net/content/dam/fedex/us-united-states/shipping/images/2020/Q3/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_retail_services_purple_lg_1588433430.png
fedexs.net/content/dam/fedex/us-united-states/shipping/images/2020/Q3/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_courier_purple_lg_1637809911.png
fedexs.net/content/dam/fedex/us-united-states/shipping/images/2020/Q2/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
icon_healthcare_purple_lg.png
fedexs.net/content/dam/fedex/us-united-states/shipping/images/2020/Q4/ |
694 B 962 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
resources-catalogs.svg
fedexs.net/content/dam/fedex-com/brand-icons/purple/ |
4 KB 1023 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
delivery.svg
fedexs.net/content/dam/fedex-com/brand-icons/purple/ |
5 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
retail-services.svg
fedexs.net/content/dam/fedex-com/brand-icons/purple/ |
6 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clothing_designer.jpg
fedexs.net/content/dam/fedex/us-united-states/services/ |
98 KB 98 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
FED03530_HomepagePods_FXO_694x463_2120284403.jpg
fedexs.net/content/dam/fedex/us-united-states/Testing/images/2019/Q2/ |
86 KB 86 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fedex-the-groomsman-suit.jpg
fedexs.net/content/dam/fedex/us-united-states/Testing/images/2020/Q3/ |
346 KB 346 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
man-working-office.jpg
fedexs.net/content/dam/fedex/us-united-states/services/cross-border/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
49683037227_4eb0c5ae10_c(1).jpg
fedexs.net/content/dam/fedex/us-united-states/shipping/images/2020/Q4/ |
42 KB 42 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
element.js
translate.google.com/translate_a/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
lodash.min.js
fedexs.net/etc/clientlibs/fedex/common/libs/lodashjs4.14.0/ |
68 KB 23 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage.min.11aa7e1e94edb7a7afec40c6c21cd6a3.js
fedexs.net/etc.clientlibs/clientlibs/fedex/page/ |
1 MB 288 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a8eaaf63255377e861b30d347578
fedexs.net/assets/ |
66 KB 17 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tcc_l.combined.1.0.6.min.js
img1.wsimg.com/tcc/ |
12 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
menu-sprite.png
fedexs.net/etc.clientlibs/clientlibs/fedex/images/resources/ |
7 KB 7 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
homepage_hero_05222020.jpg
fedexs.net/content/dam/fedex/us-united-states/Hero/images/2020/q4/ |
79 KB 79 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footer-sprite.png
fedexs.net/etc.clientlibs/clientlibs/fedex/images/resources/ |
55 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Regular.ttf
fedexs.net/etc/clientlibs/fedex/common/css/resources/fonts/ |
142 KB 76 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Light.ttf
fedexs.net/etc/clientlibs/fedex/common/css/resources/fonts/ |
137 KB 73 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-Bold.ttf
fedexs.net/etc/clientlibs/fedex/common/css/resources/fonts/ |
133 KB 71 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Roboto-LightItalic.ttf
fedexs.net/etc/clientlibs/fedex/common/css/resources/fonts/ |
143 KB 77 KB |
Font
font/ttf |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translateelement.css
translate.googleapis.com/translate_static/css/ |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.js
translate.googleapis.com/translate_static/js/element/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fx_email.svg
fedexs.net/etc.clientlibs/clientlibs/fedex/images/resources/ |
1 KB 1005 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fx_facebook.svg
fedexs.net/etc.clientlibs/clientlibs/fedex/images/resources/ |
886 B 831 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fx_twitter.svg
fedexs.net/etc.clientlibs/clientlibs/fedex/images/resources/ |
1 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fx_instagram.svg
fedexs.net/etc.clientlibs/clientlibs/fedex/images/resources/ |
1 KB 925 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fx_linkedin.svg
fedexs.net/etc.clientlibs/clientlibs/fedex/images/resources/ |
1 KB 1006 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fx_youtube.svg
fedexs.net/etc.clientlibs/clientlibs/fedex/images/resources/ |
2 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fx_pinterest.svg
fedexs.net/etc.clientlibs/clientlibs/fedex/images/resources/ |
1 KB 1010 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
364 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
EX93f3378dd6984650b0d9e930075cfab8-libraryCode_source.min.js
assets.adobedtm.com/686b8f0c4520/4ce401c51b51/333fd89c1414/ |
106 KB 36 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ |
89 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
element_main.js
translate.googleapis.com/element/TE_20200506_00/e/js/element/ |
238 KB 85 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
json
fls.doubleclick.net/ |
40 B 643 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
js
www.googletagmanager.com/gtag/ Redirect Chain
|
89 KB 35 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dest5.html
fast.fedex.demdex.net/ Frame C5A2 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
metrics.fedex.com/ |
48 B 696 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ibs:dpid=411&dpuuid=XzPQVQAABDL-mS3-
dpm.demdex.net/ Redirect Chain
|
42 B 915 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
delivery
fedex.tt.omtrdc.net/rest/v1/ |
278 B 593 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
conversion_async.js
www.googleadservices.com/pagead/ |
29 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/863238793/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.com/pagead/1p-user-list/863238793/ |
42 B 112 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/pagead/1p-user-list/863238793/ |
42 B 107 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
a8eaaf63255377e861b30d347578
fedexs.net/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
default
embed.tawk.to/5f1015405b59f94722bad556/ |
504 KB 111 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getapigconfigs.jsonp
fedexs.net/etc/services/ |
315 B 507 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
home.php.jsonp
fedexs.net/en-us/undefined/etc/services/getalerts.false.us.us.en_us./en-us/ |
315 B 507 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC2307fe15688341d0a51c1f1e222bd4df-source.min.js
assets.adobedtm.com/686b8f0c4520/4ce401c51b51/333fd89c1414/ |
1 KB 917 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCd5794ebadea64668a54c82a944998eb2-source.min.js
assets.adobedtm.com/686b8f0c4520/4ce401c51b51/333fd89c1414/ |
1 KB 837 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
s11537716028812
metrics.fedex.com/b/ss/fedexglbldev/10/JS-2.17.0-LAUN/ |
146 B 834 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
virtualagent-us.min.css
wwwtest.fedex.com/etc/clientlibs/fedex/components/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
virtualagent.min.js
wwwtest.fedex.com/etc/clientlibs/fedex/components/virtualagent-us/js/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
www.gstatic.com/images/branding/product/2x/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translateelement.css
translate.googleapis.com/translate_static/css/ Frame 801B |
18 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
translate_24dp.png
www.gstatic.com/images/branding/product/1x/ |
825 B 913 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cleardot.gif
www.google.com/images/ |
43 B 115 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
l
translate.googleapis.com/translate_a/ Frame D057 |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
te_ctrl3.gif
translate.googleapis.com/translate_static/img/ |
1 KB 1 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
a8eaaf63255377e861b30d347578
fedexs.net/assets/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 174D |
8 KB 790 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame FF07 |
8 KB 767 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
css
fonts.googleapis.com/ Frame 1E82 |
8 KB 767 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emojione.min.css
cdn.jsdelivr.net/emojione/2.2.7/assets/css/ Frame 1E82 |
192 B 280 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
emojione.min.js
cdn.jsdelivr.net/emojione/2.2.7/lib/js/ Frame 1E82 |
295 KB 53 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
4-r-br.svg
static-v.tawk.to/a-v3/images/bubbles/ Frame EB7B |
6 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
1597231190207
va.tawk.to/register/ |
683 B 1 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vsa30.tawk.to/s/ |
101 B 275 B |
XHR
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
26a1.png
cdn.jsdelivr.net/emojione/assets/png/ Frame 1E82 |
413 B 545 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
vsa30.tawk.to/s/ |
484 B 672 B |
XHR
application/octet-stream |
POST H2 |
v3
va.tawk.to/log-performance/ |
5 B 266 B |
XHR
text/html |
GET H2 |
/
vsa30.tawk.to/s/ |
4 B 111 B |
XHR
application/octet-stream |
GET H/1.1 |
event
img.secureserver.net/t/1/tl/ Redirect Chain
|
43 B 630 B |
Image
image/gif |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- fedexs.net
- URL
- https://fedexs.net/assets/a8eaaf63255377e861b30d347578
- Domain
- wwwtest.fedex.com
- URL
- http://wwwtest.fedex.com/etc/clientlibs/fedex/components/virtualagent-us.min.css
- Domain
- fedexs.net
- URL
- https://fedexs.net/assets/a8eaaf63255377e861b30d347578
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Fedex (Transportation)
184 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.