mail.seakingz.com
Open in
urlscan Pro
162.214.75.199
Malicious Activity!
Public Scan
Effective URL: http://mail.seakingz.com/2/Adobe_CN/Adobe_CN/qrurkhvo4wv7legp2xmxf4xy.php?181K6C1629076592a58ad9c1a5f5ecf8e12ef8b1b7e71fe...
Submission: On August 16 via automatic, source openphish
Summary
This is the only time mail.seakingz.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Adobe (Consumer)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 3 | 162.214.75.199 162.214.75.199 | 46606 (UNIFIEDLA...) (UNIFIEDLAYER-AS-1) | |
1 | 2a02:26f0:fb:... 2a02:26f0:fb:5af::1efd | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00::210:ba13 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
5 | 65.9.88.55 65.9.88.55 | 16509 (AMAZON-02) (AMAZON-02) | |
4 | 65.9.96.51 65.9.96.51 | 16509 (AMAZON-02) (AMAZON-02) | |
5 | 2a02:26f0:6c0... 2a02:26f0:6c00:299::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
5 | 2a02:26f0:6c0... 2a02:26f0:6c00::210:ba2a | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 3 | 52.31.176.223 52.31.176.223 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 2a02:26f0:6c0... 2a02:26f0:6c00:28d::19fd | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 13.36.218.177 13.36.218.177 | 16509 (AMAZON-02) (AMAZON-02) | |
1 | 3.89.170.92 3.89.170.92 | 14618 (AMAZON-AES) (AMAZON-AES) | |
1 | 15.188.95.229 15.188.95.229 | 16509 (AMAZON-02) (AMAZON-02) | |
29 | 13 |
ASN46606 (UNIFIEDLAYER-AS-1, US)
PTR: server.vazhihostings.com
mail.seakingz.com |
ASN20940 (AKAMAI-ASN1, NL)
wwwimages2.adobe.com |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-176-223.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-13-36-218-177.eu-west-3.compute.amazonaws.com
sstats.adobe.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-89-170-92.compute-1.amazonaws.com
server.messaging.adobe.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
stats.adobe.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
adobe.com
wwwimages2.adobe.com www.adobe.com client.messaging.adobe.com sstats.adobe.com server.messaging.adobe.com Failed stats.adobe.com |
37 KB |
6 |
typekit.net
use.typekit.net p.typekit.net |
612 KB |
5 |
adobedtm.com
assets.adobedtm.com |
166 KB |
5 |
adobelogin.com
static.adobelogin.com |
69 KB |
3 |
demdex.net
1 redirects
dpm.demdex.net |
6 KB |
3 |
seakingz.com
2 redirects
mail.seakingz.com |
35 KB |
29 | 6 |
Domain | Requested by | |
---|---|---|
5 | use.typekit.net |
mail.seakingz.com
use.typekit.net |
5 | assets.adobedtm.com |
www.adobe.com
assets.adobedtm.com |
5 | static.adobelogin.com |
mail.seakingz.com
static.adobelogin.com |
4 | client.messaging.adobe.com |
mail.seakingz.com
client.messaging.adobe.com |
3 | dpm.demdex.net |
1 redirects
assets.adobedtm.com
|
3 | mail.seakingz.com | 2 redirects |
1 | stats.adobe.com |
assets.adobedtm.com
|
1 | server.messaging.adobe.com |
client.messaging.adobe.com
|
1 | sstats.adobe.com |
assets.adobedtm.com
|
1 | p.typekit.net |
use.typekit.net
|
1 | www.adobe.com |
mail.seakingz.com
|
1 | wwwimages2.adobe.com |
mail.seakingz.com
|
29 | 12 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.adobe.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.adobe.com DigiCert SHA2 Secure Server CA |
2021-01-25 - 2022-02-01 |
a year | crt.sh |
static.adobelogin.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-13 - 2022-07-18 |
a year | crt.sh |
*.messaging.adobe.com DigiCert SHA2 Secure Server CA |
2020-06-01 - 2022-06-06 |
2 years | crt.sh |
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
use.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-11-03 - 2021-11-07 |
a year | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
*.typekit.net DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-16 - 2022-07-21 |
a year | crt.sh |
sstats.adobe.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-07-26 - 2022-08-26 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
http://mail.seakingz.com/2/Adobe_CN/Adobe_CN/qrurkhvo4wv7legp2xmxf4xy.php?181K6C1629076592a58ad9c1a5f5ecf8e12ef8b1b7e71feea58ad9c1a5f5ecf8e12ef8b1b7e71feea58ad9c1a5f5ecf8e12ef8b1b7e71feea58ad9c1a5f5ecf8e12ef8b1b7e71feea58ad9c1a5f5ecf8e12ef8b1b7e71fee&login=
Frame ID: AFEC28FED685845C07C815EADC9F769C
Requests: 27 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://mail.seakingz.com/2/Adobe_CN/Adobe_CN
HTTP 301
http://mail.seakingz.com/2/Adobe_CN/Adobe_CN/ HTTP 302
http://mail.seakingz.com/2/Adobe_CN/Adobe_CN/qrurkhvo4wv7legp2xmxf4xy.php?181K6C1629076592a58ad9c1a5f... Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Adobe DTM (Tag Managers) Expand
Detected patterns
- script /\/\/assets.adobedtm.com\//i
Page Statistics
1 Outgoing links
These are links going to different origins than the main page.
Title: 了解更多。
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://mail.seakingz.com/2/Adobe_CN/Adobe_CN
HTTP 301
http://mail.seakingz.com/2/Adobe_CN/Adobe_CN/ HTTP 302
http://mail.seakingz.com/2/Adobe_CN/Adobe_CN/qrurkhvo4wv7legp2xmxf4xy.php?181K6C1629076592a58ad9c1a5f5ecf8e12ef8b1b7e71feea58ad9c1a5f5ecf8e12ef8b1b7e71feea58ad9c1a5f5ecf8e12ef8b1b7e71feea58ad9c1a5f5ecf8e12ef8b1b7e71feea58ad9c1a5f5ecf8e12ef8b1b7e71fee&login= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://dpm.demdex.net/id?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1629076593362 HTTP 302
- https://dpm.demdex.net/id/rd?d_visid_ver=5.0.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=9E1005A551ED61CA0A490D45%40AdobeOrg&d_nsid=0&ts=1629076593362
29 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
qrurkhvo4wv7legp2xmxf4xy.php
mail.seakingz.com/2/Adobe_CN/Adobe_CN/ Redirect Chain
|
34 KB 34 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
privacy.min.js
wwwimages2.adobe.com/etc/beagle/public/globalnav/adobe-privacy/latest/ |
20 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.min.js
www.adobe.com/marketingtech/ |
13 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
light.css
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/css/ |
54 KB 11 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spectrum_head.js
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/ |
11 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spectrum_body.js
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/ |
155 KB 51 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AdobeMessagingClient.css
client.messaging.adobe.com/latest/ |
42 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AdobeMessagingClient.js
client.messaging.adobe.com/latest/ |
78 KB 17 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
spectrum_capsindicator.js
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/script/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-EN919758db9a654a17bac7d184b99c4820.min.js
assets.adobedtm.com/ |
557 KB 164 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
sprite.svg
static.adobelogin.com/renga-idprovider/resources/412f897439591c341ede769476580085/spectrum/img/ |
3 KB 2 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
hlx1mlm.js
use.typekit.net/ |
34 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rd
dpm.demdex.net/id/ Redirect Chain
|
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC89c6d3bd15f043db95a5a0a4b5cc9da0-file.min.js
assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/0997958c0e57/ |
821 B 766 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
p.gif
p.typekit.net/ |
35 B 214 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
use.typekit.net/af/9fd8c9/0000000000000000000177e7/27/ |
195 KB 150 KB |
XHR
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
use.typekit.net/af/1e5f35/0000000000000000000177ec/27/ |
195 KB 149 KB |
XHR
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
use.typekit.net/af/078880/0000000000000000000177ee/27/ |
201 KB 151 KB |
XHR
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
m
use.typekit.net/af/5acd1b/0000000000000000000177f3/27/ |
201 KB 150 KB |
XHR
font/opentype |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
initConfig.json
client.messaging.adobe.com/2.28.2/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
initConfig.json
client.messaging.adobe.com/2.28.2/ |
134 B 611 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC8b2fc74a3d60422a950baec834ba8202-file.min.js
assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/0997958c0e57/ |
861 B 729 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCd685f8c6c09c43808ebe3d73ec90e0e1-file.min.js
assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/0997958c0e57/ |
1 KB 841 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC036830be72f242959c7b9ca66cef0c85-file.min.js
assets.adobedtm.com/d4d114c60e50/f3fbfbe0e7ca/0997958c0e57/ |
323 B 530 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
id
sstats.adobe.com/ |
48 B 507 B |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST |
init
server.messaging.adobe.com/core/v1/messaging/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
init
server.messaging.adobe.com/core/v1/messaging/ |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
id
dpm.demdex.net/ |
7 KB 3 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H/1.1 |
s02843598964542
stats.adobe.com/b/ss/adbadobenonacdcprod,adbadobeprototype/1/JS-2.20.0-LBSQ/ |
43 B 662 B |
XHR
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- server.messaging.adobe.com
- URL
- https://server.messaging.adobe.com/core/v1/messaging/init
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Adobe (Consumer)64 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated object| marketingtech object| adobePrivacy function| DigitalData object| digitalData object| targetGlobalSettings function| __satelliteLoadedCallback object| __satelliteLoadedPromise object| _satellite object| launchConfig string| special_day_char object| Modernizr function| scReport function| scJarvisReport function| scUserInteractionEvent function| getEnhancedDropdownParent function| KoreanPolicies object| Mailcheck function| $ function| jQuery object| _ function| getValidatorGroups object| components object| IMS object| jQuery191012235152631098001 object| views object| AdobeMessagingExperienceClient function| AdobeMessagingClient boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| alloy function| determineConsent function| DemandbaseAPI number| s_objectID number| s_giq function| DIL function| AppMeasurement function| AppMeasurement_Module_ActivityMap function| AppMeasurement_Module_AudienceManagement function| AppMeasurement_Module_Integrate object| s_adobe object| s_adbadobenonacdc object| s function| handle boolean| enableDexFlag object| marketingTagInfo object| Typekit object| _sat string| h string| path function| index string| dataElementName undefined| dnbScript string| tempImpression object| s_i_adbadobenonacdcprod_adbadobeprototype3 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.seakingz.com/ | Name: s_nr Value: 1629076593397-New |
|
.seakingz.com/ | Name: sat_domain Value: A |
|
.seakingz.com/2/Adobe_CN/Adobe_CN | Name: sat_domain Value: A |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
client.messaging.adobe.com
dpm.demdex.net
mail.seakingz.com
p.typekit.net
server.messaging.adobe.com
sstats.adobe.com
static.adobelogin.com
stats.adobe.com
use.typekit.net
www.adobe.com
wwwimages2.adobe.com
server.messaging.adobe.com
13.36.218.177
15.188.95.229
162.214.75.199
2a02:26f0:6c00:28d::19fd
2a02:26f0:6c00:299::1e80
2a02:26f0:6c00::210:ba13
2a02:26f0:6c00::210:ba2a
2a02:26f0:fb:5af::1efd
3.89.170.92
52.31.176.223
65.9.88.55
65.9.96.51
107c0eaeeac3c4cebd5de5abe5aa36d4f609126b437fec05e42199df47c9ce2a
170af7bd0d95912892c38ca9956b9beabfac7ea566c3809561db3eb9fbdb5777
1d2e29aa11e4ace3d57b430457673343fb26141eecdb9316a19affcdcfbe9235
1f9f9d05fc965f64e28f5cb6886d0dcc47822739811d592d2cc184c28dc3b3f1
270773b6ef19cc501be8bf959193dd47b2c02bd76cd147e74e91ed5c0fb70ccb
300fab6dae66858812adf00c1f40a2bf68b219f795e6b48925354e85118d31db
306c19f28f895bff08ba4e7123afaca5048e6b24f3745a0a526bfc1c5789e94d
38576ca6dd9cb727b19d59dc728dd4cc18b646cc6732ed07ea6fcc51d9a30aca
42a7e891fbd24fc0f4cf796eaa6cdeb5c8c02f12e0ffc97f0495a7b1547dc6dd
4cf1ade01d47c67b3312f6750d7baaa76c1cb0d1384ff654b255de1a859de959
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
599a201a8bcf34f862c99ed2109d9dab8083c751fa16aa2ee87382fdac0e1042
6308b4998e84e7b6a5d7487bbe962ddb16cc078526903b6bf3e870ffcc575ea7
64f8c1d80c4eb58fead216608644b1483487b71fa285d91cbd1d8312abe29831
67454cf99a68c978655bd889b367855fb18ed895cb5e0cbbe4ced8f4cd1ebbd7
675713619205b2dea877c15f02aed5220881fc575ed66dddb1379eb21731bc7b
7427662dc037bade5a86d42d96a94f75bba81e31a6c0337e5ec2132a1078a21e
7d60e9a224de67898d51ae6e1918b804cd41ce57ebd89338f7fd52b36c76dd51
8da87b95e7ffd07a1c1ce94d0cd836afee64294b2a74df6c0302bc85bb859416
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c8239495d74e4c548e2f290020aefc947e6f9059ef5395d3209b8ec5d204ee6
d5346fb4c7d07c2875abc2c887df83b5fbb4fe932a3fca574be7d0ad667adc12
dc7bb89ca704eb9bcf1404f0d4180a73a444b30f735e2becff16e060db34188a
e859dd198f9db558da0e08f8c964e286767e822c8eb9712cc93473e8bd45e177
ff48c0aa9a866eb167b2b5588d7de72c49686c92dd8c0e8ba77fa7f2752a9f9d
ffaa4934ebe6175e11a15acbd0201ad64d092b27a037ac7b82fadf5cbfc009b7