www.fortinet.com
Open in
urlscan Pro
18.192.220.216
Public Scan
Effective URL: https://www.fortinet.com/blog/threat-research/beware-of-emails-purporting-to-be-from-the-irs
Submission: On April 07 via api from US
Summary
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on March 13th 2021. Valid for: a year.
This is the only time www.fortinet.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 167.89.118.83 167.89.118.83 | 11377 (SENDGRID) (SENDGRID) | |
9 | 18.192.220.216 18.192.220.216 | 16509 (AMAZON-02) (AMAZON-02) | |
6 | 2606:4700::68... 2606:4700::6810:9540 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:10:... 2606:4700:10::6814:b944 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
5 | 2a02:26f0:710... 2a02:26f0:7100:1ab::1e80 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 | 3.250.252.43 3.250.252.43 | 16509 (AMAZON-02) (AMAZON-02) | |
1 2 | 35.181.18.61 35.181.18.61 | 16509 (AMAZON-02) (AMAZON-02) | |
23 | 7 |
ASN11377 (SENDGRID, US)
PTR: o16789118x83.outbound-mail.sendgrid.net
beenverifiedmediacom.beenverifiedmedia.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-220-216.eu-central-1.compute.amazonaws.com
www.fortinet.com |
ASN20940 (AKAMAI-ASN1, NL)
assets.adobedtm.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-250-252-43.eu-west-1.compute.amazonaws.com
dpm.demdex.net |
ASN16509 (AMAZON-02, US)
PTR: ec2-35-181-18-61.eu-west-3.compute.amazonaws.com
metrics.fortinet.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
fortinet.com
1 redirects
www.fortinet.com metrics.fortinet.com |
509 KB |
6 |
cookielaw.org
cdn.cookielaw.org |
116 KB |
5 |
adobedtm.com
assets.adobedtm.com |
81 KB |
1 |
demdex.net
dpm.demdex.net |
723 B |
1 |
onetrust.com
geolocation.onetrust.com |
521 B |
1 |
beenverifiedmedia.com
1 redirects
beenverifiedmediacom.beenverifiedmedia.com |
296 B |
23 | 6 |
Domain | Requested by | |
---|---|---|
9 | www.fortinet.com |
www.fortinet.com
|
6 | cdn.cookielaw.org |
www.fortinet.com
cdn.cookielaw.org |
5 | assets.adobedtm.com |
cdn.cookielaw.org
assets.adobedtm.com |
2 | metrics.fortinet.com | 1 redirects |
1 | dpm.demdex.net |
assets.adobedtm.com
|
1 | geolocation.onetrust.com |
cdn.cookielaw.org
|
1 | beenverifiedmediacom.beenverifiedmedia.com | 1 redirects |
23 | 7 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.irs.gov |
www.treasury.gov |
secure.fortinet.com |
www.facebook.com |
www.twitter.com |
www.youtube.com |
www.linkedin.com |
www.instagram.com |
fortiguard.com |
fusecommunity.fortinet.com |
onetrust.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
*.fortinet.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-03-13 - 2022-04-13 |
a year | crt.sh |
cookielaw.org Cloudflare Inc ECC CA-3 |
2020-07-01 - 2021-07-01 |
a year | crt.sh |
onetrust.com Cloudflare Inc ECC CA-3 |
2021-02-12 - 2022-02-11 |
a year | crt.sh |
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1 |
2021-01-08 - 2021-09-30 |
9 months | crt.sh |
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-02 - 2022-01-02 |
a year | crt.sh |
metrics.fortinet.com DigiCert TLS RSA SHA256 2020 CA1 |
2020-12-10 - 2022-01-10 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://www.fortinet.com/blog/threat-research/beware-of-emails-purporting-to-be-from-the-irs
Frame ID: 9C375432B451087B0EBF3A9D19570004
Requests: 25 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://beenverifiedmediacom.beenverifiedmedia.com/ls/click?upn=vLD55iA-2BgqWWo-2FYaOvSnsZz8i44-2FFVLGwaUXKqbBQnqT3gCqNF0NbiPui...
HTTP 302
https://www.fortinet.com/blog/threat-research/beware-of-emails-purporting-to-be-from-the-irs Page URL
Detected technologies
Apache (Web Servers) ExpandDetected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
13 Outgoing links
These are links going to different origins than the main page.
Title: IRS.gov/payments
Search URL Search Domain Scan URL
Title: their rights as a taxpayer
Search URL Search Domain Scan URL
Title: IRS Impersonation Scam Reporting
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: FortiGuard Labs
Search URL Search Domain Scan URL
Title: Threat Briefs
Search URL Search Domain Scan URL
Title: Fuse Community
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://beenverifiedmediacom.beenverifiedmedia.com/ls/click?upn=vLD55iA-2BgqWWo-2FYaOvSnsZz8i44-2FFVLGwaUXKqbBQnqT3gCqNF0NbiPuiVBNmZFPhzmjzkacY-2Bm1-2B9-2FbRVR9k2TSMVK27zh9JSrTfhYPGR1Dj6vDZd-2BCGUF9N0df20f3InSb2K4CY-2BoZcfibgiayuQ-3D-3Dq-eX_MMI1mOinMV0XBoISFuoUt2kj4v9dqz-2F2D1Ea-2BqCX67hy8uLuPLHqKL-2FHGwmgMLVOmGWjtEGc8mI5-2FKlfkDQ5enflbdX7puRY0Xa30mAYy4cTZA-2FdlqxSw6l7R9wx6m4KhBosHp4haTwTOd54VP-2FEZM-2Fm-2BYLaKNWVmJKTCQINCNOxeK-2BGtJxxwl4QDptGCmzrMDJuRXizB2We8qeqhNyJKw-3D-3D
HTTP 302
https://www.fortinet.com/blog/threat-research/beware-of-emails-purporting-to-be-from-the-irs Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 23- https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.22.0-LBQ1/s79114014765796?AQB=1&ndh=1&pf=1&t=7%2F3%2F2021%2019%3A30%3A28%203%20-120&fid=30EB07A9EB0D5E4E-20885A53398E6A60&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Abeware-of-emails-purporting-to-be-from-the-irs&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbeware-of-emails-purporting-to-be-from-the-irs&c.&cm.&ssf=1&.cm&.c&cc=USD&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fbeware-of-emails-purporting-to-be-from-the-irs&c7=Entire%20Site&c8=New&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Abeware-of-emails-purporting-to-be-from-the-irs&v35=Enabled&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
- https://metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.22.0-LBQ1/s79114014765796?AQB=1&pccr=true&vidn=3036F61A73FBFCEF-40000DAE7B0D176F&ndh=1&pf=1&t=7%2F3%2F2021%2019%3A30%3A28%203%20-120&fid=30EB07A9EB0D5E4E-20885A53398E6A60&ce=UTF-8&pageName=en%3Ablog%3Athreat-research%3Abeware-of-emails-purporting-to-be-from-the-irs&g=https%3A%2F%2Fwww.fortinet.com%2Fblog%2Fthreat-research%2Fbeware-of-emails-purporting-to-be-from-the-irs&c.&cm.&ssf=1&.cm&.c&cc=USD&v1=www.fortinet.com%2Fblog%2Fthreat-research%2Fbeware-of-emails-purporting-to-be-from-the-irs&c7=Entire%20Site&c8=New&v27=BLOG&v33=en%3Ablog%3Athreat-research%3Abeware-of-emails-purporting-to-be-from-the-irs&v35=Enabled&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
23 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
beware-of-emails-purporting-to-be-from-the-irs
www.fortinet.com/blog/threat-research/ Redirect Chain
|
39 KB 15 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-base.min.css
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ |
216 KB 27 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otSDKStub.js
cdn.cookielaw.org/scripttemplates/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
fortinet-logo-white.svg
www.fortinet.com/content/dam/fortinet-blog/ |
32 KB 3 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
clientlib-base.min.js
www.fortinet.com/etc.clientlibs/fortinet-blog/clientlibs/ |
150 KB 69 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
f85f39fc-d7aa-467a-b762-fbb722748016.json
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/ |
4 KB 2 KB |
XHR
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
71 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tax_01.png
www.fortinet.com/content/dam/fortinet-blog/article-images/irs_tax_scam_blog/ |
115 KB 115 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
irs-notification-no-it-is-a-scam.png.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/ |
62 KB 62 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pdf1.png.thumb.319.319.png
www.fortinet.com/content/dam/fortinet-blog/article-images/individual-images/ |
14 KB 15 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
location
geolocation.onetrust.com/cookieconsentpub/v1/geo/ |
164 B 521 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otBannerSdk.js
cdn.cookielaw.org/scripttemplates/6.10.0/ |
356 KB 78 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
en.json
cdn.cookielaw.org/consent/f85f39fc-d7aa-467a-b762-fbb722748016/2149c787-bccf-419d-b831-2a3ac6bafc66/ |
62 KB 14 KB |
Fetch
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otCenterRounded.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/ |
9 KB 3 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
otPcTab.json
cdn.cookielaw.org/scripttemplates/6.10.0/assets/v2/ |
45 KB 12 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
tax-01.png
www.fortinet.com/blog/threat-research/beware-of-emails-purporting-to-be-from-the-irs/_jcr_content/root/responsivegrid/image.img.png/1537062664870/ |
183 KB 184 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
screen-01.png
www.fortinet.com/blog/threat-research/beware-of-emails-purporting-to-be-from-the-irs/_jcr_content/root/responsivegrid/image_829530947.img.png/1537063110332/ |
18 KB 18 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
42 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
launch-EN23cb8375449840dc93b13f34d935b8b9.min.js
assets.adobedtm.com/ |
286 KB 65 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
33 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
AppMeasurement_Module_ActivityMap.min.js
assets.adobedtm.com/extensions/EPbde2f7ca14e540399dcc1f8208860b7b/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RCb652faf409a54c3db318899e2cbcc95c-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9f76f7c2fe57/ |
881 B 718 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
RC8b0bc4a0b33e4476a134b6c5193977e7-source.min.js
assets.adobedtm.com/b359cfb740b4/a792d4e6ffcd/9f76f7c2fe57/ |
358 B 493 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
optOutStatus
dpm.demdex.net/ |
41 B 723 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
s79114014765796
metrics.fortinet.com/b/ss/fortinetincproduction/1/JS-2.22.0-LBQ1/ Redirect Chain
|
43 B 322 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
72 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated object| OneTrustStub string| OnetrustActiveGroups string| OptanonActiveGroups object| dataLayer function| OptanonWrapper function| jsonFeed object| otStubData object| Optanon object| OneTrust object| fortinet_blog object| EasyAutocomplete object| search_config object| keywords object| siteId object| lang object| options boolean| searchFired boolean| blogFilter string| documentsQuery string| blogCategories string| authorsList string| yearsList object| lastQuery number| totalReturn number| lastRow object| lastWordsForCounting function| htmlEncode function| hideAutoComplete function| sitesearch_init function| sitesearch_search_callback function| sitesearch_countall_callback function| sitesearch_do_search function| sitesearch_do_force_search function| sitesearch_spellcheck_callback function| sitesearch_do_spellcheck function| sitesearch_do_suggest_search function| sitesearch_query_searchresult_callback function| sitesearch_do_query_searchresult function| sitesearch_click_page_callback function| sitesearch_click_page function| search_action function| sitesearch_search_fortiguard function| count_facets_type function| shuffle_facets function| setImmediate function| clearImmediate function| $ function| jQuery object| _satellite boolean| __satelliteLoaded object| adobe function| Visitor object| s_c_il number| s_c_in function| AppMeasurement function| s_gi function| s_pgicq number| s_objectID number| s_giq function| AppMeasurement_Module_ActivityMap function| liberatedGetOptOut object| s_i_fortinetincproduction1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.fortinet.com/ | Name: OptanonConsent Value: hosts=&datestamp=Wed+Apr+07+2021+19%3A30%3A28+GMT%2B0200+(Central+European+Summer+Time)&version=6.10.0&isIABGlobal=false&consentId=1c71115f-a950-4cba-843a-84eb7dfe582e&interactionCount=0&groups=C0001%3A1%2CC0002%3A0%2CC0003%3A0%2CC0004%3A0 |
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=31536000; includeSubDomains |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets.adobedtm.com
beenverifiedmediacom.beenverifiedmedia.com
cdn.cookielaw.org
dpm.demdex.net
geolocation.onetrust.com
metrics.fortinet.com
www.fortinet.com
167.89.118.83
18.192.220.216
2606:4700:10::6814:b944
2606:4700::6810:9540
2a02:26f0:7100:1ab::1e80
3.250.252.43
35.181.18.61
047f3105c9c1c03b56fb255cbb8cbfbad3a41aeab4928d722f42be59e48175fb
0486530f1e98818865754a08e1b5442ac5a6a36a6bf6042e3b3338a532e998d2
0720dc4e1e637a51e60fb79db517e20cb8ba56c363389be620bdfed91ef599de
1b11581a814bb3ee9f885812de60fc4f7fa892927eb5598c073582acb6737d41
1b94f9074fc2ef1b63132fc70fe244cc5d5322e5982a80b6273a45a935ae335f
1e1a42cb75ebd81eb31850e485ef4c6e3667a45f57f778f249bca1f2852a97e4
2e409af4e2cd960258ebce74a7af470632e2fa44a18cbc2e49da7f098a3c572c
452ee2471448cc6b716090a014cf7fc9cc515998bda9dcc334aa073a72a591e7
5ae3c1e0eb2918799557fbed5c846572842b3d8a8953ca81d2ebb156215cae22
5b4c9abcf01dcf74e0adf075ff4d47464c62c84307ae5ebd115d45da70e6443d
787e239063b492ee703296108dd123e4bba82ef7bc7a61d5f821359e906f3377
7a23e0e46e16f067271bc79c92a917c13769848457d16cdf109e4dc04c687e8f
8045cb18a58120f4f12a09b2d462c53aaf50672d76fd15426411213d68f0a73b
923092562858996d226107404d67faf8510e7610e514813f7458265b1df21d6b
a1ecbaed793a1f564c49c671f2dd0ce36f858534ef6d26b55783a06b884cc506
a334f368b502d68bcaafb174022cfe21775f1744f0a1cd520d0c57d094a8e66a
b19e0a7e541ac5cb6f7f18c1b71964454ebf41179f051b2072ad787a12314684
c1c2df1cde8c702cc4282cc1742c6390328e3ae78745edc6702c5fa3437237b9
d2afd46ac58cd7e89b3fdfd790300d69034e94151ed45acf83d7b6d5dccfdb17
d5508b589b728e85562349ba2524f68eef4a1272ccf3ea3f14279a8fb3733f5f
d6b423c91328eec9c218dd8b21ae1e676987d574e5432411a32806e5dd2bde32
e5873dbdaa376d924cfa4b2ba4b1622d4e6e483866e2b7bc24ef3007ff5960e7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f96fdbab23b453d4b04bf56b35c8946fb4c56962add8ceded797e4502bdb2afa
f9b2aaabab92d9c63930432351fa3f5aa634fcb5db31b039e23465f8b4bd5a68