![](/screenshots/d6d94717-69d5-40f0-88ef-255b7da3ca51.png)
jeepzone.co.za
Open in
urlscan Pro
197.221.14.165
Malicious Activity!
Public Scan
Submission: On May 26 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by R3 on May 2nd 2024. Valid for: 3 months.
This is the only time jeepzone.co.za was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Shaw (Telecommunication)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 | 197.221.14.165 197.221.14.165 | 37153 (xneelo) (xneelo) | |
9 | 23.63.231.167 23.63.231.167 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a00:1450:400... 2a00:1450:4001:803::2002 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:80b::2008 | 15169 (GOOGLE) (GOOGLE) | |
6 | 104.17.209.240 104.17.209.240 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
2 | 142.250.181.226 142.250.181.226 | 15169 (GOOGLE) (GOOGLE) | |
2 | 172.217.18.2 172.217.18.2 | 15169 (GOOGLE) (GOOGLE) | |
1 | 2a00:1450:400... 2a00:1450:4001:806::2001 | 15169 (GOOGLE) (GOOGLE) | |
2 | 2a00:1450:400... 2a00:1450:4001:82b::2001 | 15169 (GOOGLE) (GOOGLE) | |
33 | 10 |
ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-63-231-167.deploy.static.akamaitechnologies.com
webmail.shaw.ca |
ASN15169 (GOOGLE, US)
www.googletagservices.com |
ASN15169 (GOOGLE, US)
ssl.google-analytics.com |
ASN13335 (CLOUDFLARENET, US)
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com | |
siteintercept.qualtrics.com |
ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
securepubads.g.doubleclick.net |
ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
pagead2.googlesyndication.com |
ASN15169 (GOOGLE, US)
44edf68f46a516885606716c15a2a115.safeframe.googlesyndication.com |
ASN15169 (GOOGLE, US)
tpc.googlesyndication.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
shaw.ca
webmail.shaw.ca — Cisco Umbrella Rank: 388335 |
283 KB |
6 |
qualtrics.com
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com siteintercept.qualtrics.com — Cisco Umbrella Rank: 908 |
30 KB |
5 |
googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 103 44edf68f46a516885606716c15a2a115.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 164 |
19 KB |
4 |
jeepzone.co.za
jeepzone.co.za |
11 KB |
2 |
doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 |
142 KB |
2 |
google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 654 |
17 KB |
1 |
googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 297 |
30 KB |
33 | 7 |
Domain | Requested by | |
---|---|---|
9 | webmail.shaw.ca |
jeepzone.co.za
webmail.shaw.ca |
4 | siteintercept.qualtrics.com |
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
siteintercept.qualtrics.com |
4 | jeepzone.co.za |
jeepzone.co.za
|
2 | tpc.googlesyndication.com |
securepubads.g.doubleclick.net
tpc.googlesyndication.com |
2 | pagead2.googlesyndication.com |
securepubads.g.doubleclick.net
|
2 | securepubads.g.doubleclick.net |
www.googletagservices.com
|
2 | zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com |
jeepzone.co.za
|
2 | ssl.google-analytics.com |
jeepzone.co.za
|
1 | 44edf68f46a516885606716c15a2a115.safeframe.googlesyndication.com |
securepubads.g.doubleclick.net
|
1 | www.googletagservices.com |
jeepzone.co.za
|
33 | 10 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.shaw.ca |
myaccount.shaw.ca |
Subject Issuer | Validity | Valid | |
---|---|---|---|
jeepzone.co.za R3 |
2024-05-02 - 2024-07-31 |
3 months | crt.sh |
san-west.shaw.ca DigiCert TLS RSA SHA256 2020 CA1 |
2024-05-03 - 2024-08-30 |
4 months | crt.sh |
*.g.doubleclick.net WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.google-analytics.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
*.qualtrics.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2024-03-27 - 2025-02-19 |
a year | crt.sh |
tpc.googlesyndication.com WR2 |
2024-05-06 - 2024-07-29 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://jeepzone.co.za/includes/database/received-voice-note/shaw/
Frame ID: 6644B016C3C859B1517200BBF92FF704
Requests: 31 HTTP requests in this frame
Frame:
https://44edf68f46a516885606716c15a2a115.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 75819130354B4037AE6FE6F6FC6190B9
Requests: 1 HTTP requests in this frame
Frame:
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B5B90FB09029757128CB488D981C1C46
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/d6d94717-69d5-40f0-88ef-255b7da3ca51.png)
Page Title
Sign in · ShawDetected technologies
Detected patterns
- googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Detected patterns
- googlesyndication\.com/
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Find a store
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
33 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
/
jeepzone.co.za/includes/database/received-voice-note/shaw/ |
24 KB 7 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
combine_signon_136.css
webmail.shaw.ca/css/ |
160 KB 160 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
www.googletagservices.com/tag/js/ |
92 KB 30 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo.png
jeepzone.co.za/includes/database/received-voice-note/shaw/ |
3 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
webmail-desktop.png
webmail.shaw.ca/images/ |
5 KB 5 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
error_button.png
jeepzone.co.za/includes/database/received-voice-note/shaw/images/ |
0 202 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
helpIcon.png
webmail.shaw.ca/images/icons/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
myAccountWebmailAd.jpg
jeepzone.co.za/includes/database/received-voice-note/images/ |
0 228 B |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
modal-close.png
webmail.shaw.ca/images/ |
1 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.min.js
webmail.shaw.ca/js/ |
103 KB 103 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
combine_signon_136.js
webmail.shaw.ca/js/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
login-form.shaw.js
webmail.shaw.ca/js/ |
5 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.cookie.js
webmail.shaw.ca/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jquery.base64.min.js
webmail.shaw.ca/js/ |
2 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ga.js
ssl.google-analytics.com/ |
45 KB 17 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/ |
10 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202405210101/ |
453 KB 142 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ppub_config
securepubads.g.doubleclick.net/pagead/ |
62 B 73 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
icomoon56ab.woff
webmail.shaw.ca/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
ads
pagead2.googlesyndication.com/gampad/ |
542 B 280 B |
Fetch
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
container.html
44edf68f46a516885606716c15a2a115.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7581 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
__utm.gif
ssl.google-analytics.com/r/ |
35 B 197 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
12.ff6f136b131dcabe396d.chunk.js
siteintercept.qualtrics.com/dxjsmodule/ |
73 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
127 B 299 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
127 B 183 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
icomoon56ab.ttf
webmail.shaw.ca/fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
sodar
pagead2.googlesyndication.com/getconfig/ |
16 KB 12 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com/SIE/ |
10 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
favicon.ico
webmail.shaw.ca/images/ |
1 KB 2 KB |
Other
image/x-icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sodar2.js
tpc.googlesyndication.com/sodar/ |
17 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
Targeting.php
siteintercept.qualtrics.com/WRSiteInterceptEngine/ |
127 B 184 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B5B9 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
sodar
pagead2.googlesyndication.com/pagead/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- webmail.shaw.ca
- URL
- https://webmail.shaw.ca/js/combine_signon_136.js
- Domain
- webmail.shaw.ca
- URL
- https://webmail.shaw.ca/fonts/icomoon56ab.woff
- Domain
- webmail.shaw.ca
- URL
- https://webmail.shaw.ca/fonts/icomoon56ab.ttf
- Domain
- pagead2.googlesyndication.com
- URL
- https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202405210101&jk=586444419776102&bg=!V1SlVBvNAAbUqhG89Ko7ADQBe5WfOBAaQPc4GKIwOjh7AwcozlC3z3NX8FGCuDYDACpS5V_GtFfXgm4O652nebuiLNr7AgAAAFhSAAAAB2gBB34ANn_R7fuR1Nn9QvuHm3-LQPf7yKz2ofA7oQ4tPfh81NnyrE_Cv7dQNMBlasWxzOyDEOczDCnoAZkCl8w1nZKVEiJEF9d8XpYtko2O4BlQJPuxz0D7I4N4eCPPj7vCKk1JLSmTj94nlxiXTZEha02vDanNHi-ZlOWmPSg13_b1qw49WCqucxjClrnYv1n9a-aok3rS9N0zxjPw9P9cG4dJ4FSRq4cpIAmF_AYaFVDJvH5AJ85YN4RRPTf7k43x69Gpwp5QF0fdnB2zfIfanu5Db7qUOMyqrhkhNrMBZIgmWXe5WMO_Ta5poujVZdWaSYAJmpyuMIjhgkpAycQyUtUBbb1t4Z8euWA5pCb6VCX6Ob2Y6FFhq5cMFzCbP6gZnAPXClYy_3Qy7TklsHWuvmMWLcoqGz243aEF4CKh6XXU0R1cA4tfkFXfGEMEQIcRtyqzTb3OyvAkNDczXc-1GBA76lDtmF6EKLQb4bN8vkfx9AvnrlGZM14RElXFv24OdStvBIn-3l3HO4sIqbR7-nVgwpw2D8EfGPUw45UHo6zerFtwvwVoKNWBLZlaZjWPwES-Lr4HX2G8nf-0o9lf9JduRyvzyYrzBx94OsDaB8kMhSfZBdNyEjtDGN4bVUZxK4dhmNGoeh6FRGSUDvPD8X3h9HCadJL0V9cDn7Y2dEVMVDvIKtwnjkGuYE8eQa39nhFFrm_HJnQKLOfQpAnky7qxr7N8rCu0GP61mjRqxuZkdGP0S7PZjdu_rdwin1vfEhecgSOTdSapAkVtqcnJv86AX2WAGtL4DWHB0Jz77jJePodZ7kUBBxkVLks_KfYJumKXcboxkZXJx07rjkJ7AiaglhSw1sK1nNh0PKdX9-wp3C4w_wzAhLK4t0-ZO7XNy2Tig0oyYnkmIWkIv3VeKxn9kd9n4ZORmF76k7zeLNOc9nP-U5j4g-ME8lqGp2iJOPWlzg
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Shaw (Telecommunication)23 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| googletag object| ggeac object| google_tag_data boolean| google_plmetrics object| google_js_reporting_queue object| gptadslots function| checkAd function| $ function| jQuery function| displayError function| checkEmpty undefined| google_measure_js_timing number| google_unique_id object| gaGlobal string| gaJsHost object| _gat object| _gaq object| pageTracker object| QSI object| WAFQualtricsWebpackJsonP-cloud-2.7.0 object| GoogleGcLKhOms object| google_image_requests5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.jeepzone.co.za/ | Name: __utmc Value: 138388523 |
|
.jeepzone.co.za/ | Name: __utmz Value: 138388523.1716686407.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none) |
|
.jeepzone.co.za/ | Name: __utmt Value: 1 |
|
.jeepzone.co.za/ | Name: __utma Value: 138388523.286359080.1716686407.1716686407.1716686407.1 |
|
.jeepzone.co.za/ | Name: __utmb Value: 138388523.1.10.1716686407 |
9 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
44edf68f46a516885606716c15a2a115.safeframe.googlesyndication.com
jeepzone.co.za
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
siteintercept.qualtrics.com
ssl.google-analytics.com
tpc.googlesyndication.com
webmail.shaw.ca
www.googletagservices.com
zn_djzxqpnjgabhfwh-shaw.siteintercept.qualtrics.com
pagead2.googlesyndication.com
webmail.shaw.ca
104.17.209.240
142.250.181.226
172.217.18.2
197.221.14.165
23.63.231.167
2a00:1450:4001:803::2002
2a00:1450:4001:806::2001
2a00:1450:4001:80b::2008
2a00:1450:4001:82b::2001
027ea5e98b81e8762fb02cce7305e66551621c723fa223c05274352d47fde4af
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
27c361265ec07215bcd0373d146e385e13bc62d35cda4f1310faad6dee9eb7b2
28d67e38e786f668fd2626102d56948a804d96d7e7da9fab7a7cedbde80adcf4
30b07af0c79b6241e9cd0ac1b56006cefb70b6204d9a1eb98a61b7b73e3fb7a5
34b0db37644464bbf67f7f9df2f8a3fed69279673b102a9c1d1a9ed13e6e229e
3e5a1b328a2d0c4d6b5ba11ced21fd385520e0ee87e1309eb188ff8bbb42c17f
3fe7f7a5e9f98e3cb42eeb3f0ae61b9c501d7c427b38cd5270953b533d36a4d9
49416531519583e597dccc3856da2fa093b5e739baf9fda442b7047309e7f51c
4a57782e3a025dd4aef0918ddab21ffa7dc69777710836bd1f185ac77a468b37
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
88b125529ca9fa46abb82c6111fe18efe191261c90c0275c54170edfbeb15fb9
9542c77603c4493631d05f65423817761cea0f0788660184c842b2f18d21d810
b6e3cac598ee80d6cb0e409a43a0ddb9e8fe75ce4250f7f285e81f2c3b2fa0f1
c41d51bd24cc1fde6980139edd5c86e0fd64f36be25e8094b672d2559a3b036c
cc0c5533bfb4b12b3105dc757a6a071865a9aa385b6d63afdb9eb6b86602008a
d5a53b7daee25990b08f6f38fd006e85488ddfb08415d2b20f4f6e4a171e2ff8
dbb409e0a26958ffa3c117493f4c20a7fd777308bd1880be65987714d4763bcf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
efa7e8b53405fba9dffad82b5d3b6c9b35b44fe82b2650ec9567924075ba7864
fee4a4662367e79098657625fb702e04d08283307cb36a9cc258d74ab30841bb
ff5e6bb8ad6d5ee8aa70771c9ac0ad5b9563f3ee6d449af149c52bd4cd13851f