blog.securolytics.io
Open in
urlscan Pro
54.173.173.29
Public Scan
URL:
https://blog.securolytics.io/2017/05/split-tunnel-smtp-exploit-explained/
Submission: On May 30 via manual from IN
Submission: On May 30 via manual from IN
Summary
This website contacted 13 IPs
in 3 countries
across 11 domains to perform 72 HTTP transactions.
The main IP is 54.173.173.29, located in
Ashburn, United States and
belongs to AMAZON-AES - Amazon.com, Inc., US.
The main domain is blog.securolytics.io.
TLS certificate: Issued by COMODO RSA Organization Validation Se... on June 13th 2016. Valid for: a year.
This is the only time blog.securolytics.io was scanned on urlscan.io!
TLS certificate: Issued by COMODO RSA Organization Validation Se... on June 13th 2016. Valid for: a year.
This is the only time blog.securolytics.io was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 43 | 54.173.173.29 54.173.173.29 | 14618 (AMAZON-AES) (AMAZON-AES - Amazon.com) | |
| 2 | 198.232.125.123 198.232.125.123 | 3257 (GTT-BACKB...) (GTT-BACKBONE GTT) | |
| 2 | 2a00:1450:400... 2a00:1450:4001:816::200a | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
| 2 | 2400:cb00:204... 2400:cb00:2048:1::6814:6e27 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - CloudFlare) | |
| 1 | 8.40.222.106 8.40.222.106 | 2639 (ZOHO-AS) (ZOHO-AS - ZOHO) | |
| 4 | 2a00:1450:400... 2a00:1450:4001:816::200e | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
| 2 | 8.40.222.111 8.40.222.111 | 2639 (ZOHO-AS) (ZOHO-AS - ZOHO) | |
| 5 | 2a00:1450:400... 2a00:1450:4001:816::2003 | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
| 1 | 2a00:1450:400... 2a00:1450:400c:c04::9d | 15169 (GOOGLE) (GOOGLE - Google Inc.) | |
| 2 | 178.162.208.180 178.162.208.180 | 28753 (LEASEWEB-) (LEASEWEB-) | |
| 5 | 8.40.222.123 8.40.222.123 | 2639 (ZOHO-AS) (ZOHO-AS - ZOHO) | |
| 1 | 74.201.154.73 74.201.154.73 | 2639 (ZOHO-AS) (ZOHO-AS - ZOHO) | |
| 72 | 13 |
43
54.173.173.29
(Ashburn, United States)
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-173-173-29.compute-1.amazonaws.com
ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-173-173-29.compute-1.amazonaws.com
| blog.securolytics.io |
2
198.232.125.123
(Los Angeles, United States)
ASN3257 (GTT-BACKBONE GTT, DE)
PTR: 123-125-232-198.static.unitasglobal.net
ASN3257 (GTT-BACKBONE GTT, DE)
PTR: 123-125-232-198.static.unitasglobal.net
| maxcdn.bootstrapcdn.com |
2
2400:cb00:2048:1::6814:6e27
(United States)
ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
ASN13335 (CLOUDFLARENET - CloudFlare, Inc., US)
| static.addtoany.com |
2
178.162.208.180
(Germany)
ASN28753 (LEASEWEB-, DE)
PTR: sni.de-aurora-dc.cldsrv.biz
ASN28753 (LEASEWEB-, DE)
PTR: sni.de-aurora-dc.cldsrv.biz
| teknas.piwikpro.com |
5
8.40.222.123
(United States)
ASN2639 (ZOHO-AS - ZOHO, US)
ASN2639 (ZOHO-AS - ZOHO, US)
| css.zohostatic.com | |
| js.zohostatic.com | |
| img.zohostatic.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 43 |
securolytics.io
blog.securolytics.io |
5 MB |
| 6 |
zohostatic.com
css.zohostatic.com js.zohostatic.com img.zohostatic.com |
80 KB |
| 5 |
gstatic.com
fonts.gstatic.com |
99 KB |
| 4 |
google-analytics.com
www.google-analytics.com |
24 KB |
| 3 |
zoho.com
crm.zoho.com salesiq.zoho.com |
13 KB |
| 2 |
piwikpro.com
teknas.piwikpro.com |
21 KB |
| 2 |
addtoany.com
static.addtoany.com |
24 KB |
| 2 |
googleapis.com
fonts.googleapis.com |
2 KB |
| 2 |
bootstrapcdn.com
maxcdn.bootstrapcdn.com |
70 KB |
| 1 |
doubleclick.net
stats.g.doubleclick.net |
53 B |
| 0 |
zohopublic.com
Failed
salesiq.zohopublic.com Failed |
|
| 72 | 11 |
| Domain | Requested by | |
|---|---|---|
| 43 | blog.securolytics.io |
blog.securolytics.io
|
| 5 | fonts.gstatic.com |
blog.securolytics.io
|
| 4 | www.google-analytics.com |
blog.securolytics.io
|
| 3 | img.zohostatic.com |
js.zohostatic.com
blog.securolytics.io |
| 2 | js.zohostatic.com |
salesiq.zoho.com
|
| 2 | teknas.piwikpro.com |
blog.securolytics.io
|
| 2 | salesiq.zoho.com |
blog.securolytics.io
|
| 2 | static.addtoany.com |
blog.securolytics.io
static.addtoany.com |
| 2 | fonts.googleapis.com |
blog.securolytics.io
|
| 2 | maxcdn.bootstrapcdn.com |
blog.securolytics.io
|
| 1 | css.zohostatic.com |
salesiq.zoho.com
|
| 1 | stats.g.doubleclick.net |
blog.securolytics.io
|
| 1 | crm.zoho.com |
blog.securolytics.io
|
| 0 | salesiq.zohopublic.com Failed |
js.zohostatic.com
|
| 72 | 14 |
This site contains links to these domains. Also see Links.
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| *.securolytics.io COMODO RSA Organization Validation Secure Server CA |
2016-06-13 - 2017-06-13 |
a year | crt.sh |
| *.bootstrapcdn.com RapidSSL SHA256 CA |
2016-10-13 - 2017-10-13 |
a year | crt.sh |
| *.googleapis.com Google Internet Authority G2 |
2017-05-24 - 2017-08-16 |
3 months | crt.sh |
| ssl472428.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2016-12-15 - 2017-10-25 |
10 months | crt.sh |
| *.zoho.com COMODO SHA-256 Domain Validation Secure Server CA |
2017-02-17 - 2019-05-28 |
2 years | crt.sh |
| *.google-analytics.com Google Internet Authority G2 |
2017-05-24 - 2017-08-16 |
3 months | crt.sh |
| *.google.com Google Internet Authority G2 |
2017-05-24 - 2017-08-16 |
3 months | crt.sh |
| *.g.doubleclick.net Google Internet Authority G2 |
2017-05-24 - 2017-08-16 |
3 months | crt.sh |
| *.piwikpro.com COMODO RSA Domain Validation Secure Server CA |
2017-05-08 - 2018-08-08 |
a year | crt.sh |
| *.zohostatic.com COMODO SHA-256 Organization Validation Secure Server CA |
2016-12-19 - 2019-04-10 |
2 years | crt.sh |
This page contains 3 frames:
Primary Page:
https://blog.securolytics.io/2017/05/split-tunnel-smtp-exploit-explained/
Frame ID: 6410.1
Requests: 71 HTTP requests in this frame
Frame:
https://static.addtoany.com/menu/sm.16.html
Frame ID: 6410.2
Requests: 1 HTTP requests in this frame
Frame:
https://salesiq.zohopublic.com/teknas/drawchat.ls?src=script&type=float&referrer=&pagetitle=Securolytics%20%7C%20Blog&embedname=securolytics&cpage=aHR0cHM6Ly9ibG9nLnNlY3Vyb2x5dGljcy5pby8yMDE3LzA1L3NwbGl0LXR1bm5lbC1zbXRwLWV4cGxvaXQtZXhwbGFpbmVkLw%3D%3D&autochat=false&lang=en&loadedtime=1496120596490
Frame ID: 6410.3
Requests: 1 HTTP requests in this frame
27 Outgoing links
These are links going to different origins than the main page.
URL: http://www.esmc.org/
Title: Excelsior Springs Hospital
Title: Excelsior Springs Hospital
Search URL Search Domain Scan URL
URL: https://securolytics.io/free-tools/exploitable-port-scanner/
Title: Securolytics Exploitable IoT Scanner
Title: Securolytics Exploitable IoT Scanner
Search URL Search Domain Scan URL
URL: http://securol.yt/microsoft-ExchangeBuilds
Title: List of Microsoft Exchange Build Numbers
Title: List of Microsoft Exchange Build Numbers
Search URL Search Domain Scan URL
URL: https://www.virustotal.com/en/file/39cb85066f09ece243c60fd192877ef6fa1162ff0b83ac8bec16e6df495ee7af/analysis/1495234308/
Title: VirusTotal’s URL Analysis
Title: VirusTotal’s URL Analysis
Search URL Search Domain Scan URL
URL: https://christianacare.org/
Title: Christiana Care Health System
Title: Christiana Care Health System
Search URL Search Domain Scan URL
URL: http://securol.yt/microsoft-MHA
Title: Try Microsoft’s Message Header Analyzer Tool
Title: Try Microsoft’s Message Header Analyzer Tool
Search URL Search Domain Scan URL
URL: http://securol.yt/2017-IBM-X-Force-TII
Title: X-Force
Title: X-Force
Search URL Search Domain Scan URL
URL: http://securol.yt/oqGYiK
Title: 2017 Data Breach Industry Forecast
Title: 2017 Data Breach Industry Forecast
Search URL Search Domain Scan URL
URL: https://www.youtube.com/watch?v=PZvVjHXIKIY
Title: Google Phishing:
Title: Google Phishing:
Search URL Search Domain Scan URL
URL: http://securol.yt/OrDLfb
Title: Risk Management Framework
Title: Risk Management Framework
Search URL Search Domain Scan URL
URL: http://securol.yt/EO-13800
Title: Executive Order 13800
Title: Executive Order 13800
Search URL Search Domain Scan URL
URL: https://securolytics.io/enforce/
Title: securolytics.io/enforce
Title: securolytics.io/enforce
Search URL Search Domain Scan URL
URL: http://infosechotspot.com/split-tunnel-smtp-exploit-bypasses-email-security-gateways/
Title: InfoSecHotSpot
Title: InfoSecHotSpot
Search URL Search Domain Scan URL
URL: https://kristieraynormi.wordpress.com/2016/12/22/stannscio-david-moufarrege-3/
Title: @StAnnsCIO David Moufarrege | Kristie Raynor's Blog
Title: @StAnnsCIO David Moufarrege | Kristie Raynor's Blog
Search URL Search Domain Scan URL
URL: https://eddieharrisnj.wordpress.com/2016/12/22/stannscio-david-moufarrege-3/
Title: @StAnnsCIO David Moufarrege | Eddie Harris Blog
Title: @StAnnsCIO David Moufarrege | Eddie Harris Blog
Search URL Search Domain Scan URL
URL: http://institute.org/
Title: JC
Title: JC
Search URL Search Domain Scan URL
URL: https://securolytics.io/free-tools
Title: Free Tools
Title: Free Tools
Search URL Search Domain Scan URL
URL: https://securolytics.io/products/enforce/
Title: Products
Title: Products
Search URL Search Domain Scan URL
URL: https://securolytics.io/industry-solutions/accounting/
Title: Solutions
Title: Solutions
Search URL Search Domain Scan URL
URL: https://securolytics.io/customers/
Title: customers
Title: customers
Search URL Search Domain Scan URL
URL: https://securolytics.io/partners/
Title: Partners
Title: Partners
Search URL Search Domain Scan URL
URL: https://securolytics.io/company/about-us/
Title: Company
Title: Company
Search URL Search Domain Scan URL
URL: http://securol.yt/wfacebook
Search URL Search Domain Scan URL
URL: http://securol.yt/wtwitter
Search URL Search Domain Scan URL
URL: http://securol.yt/wlinkedin
Search URL Search Domain Scan URL
URL: https://securolytics.io/company/about-us/#contact-us
Title: Contact Us
Title: Contact Us
Search URL Search Domain Scan URL
URL: https://www.addtoany.com/
Title: AddToAny
Title: AddToAny
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request 27- http://blog.securolytics.io/wp-content/uploads/2017/05/split-tunnel-smtp-attack2-image-karen-kedda.png
- https://blog.securolytics.io/wp-content/uploads/2017/05/split-tunnel-smtp-attack2-image-karen-kedda.png
- http://blog.securolytics.io/wp-content/uploads/2017/05/split-tunnel-smtp-attack2-image-cip.png
- https://blog.securolytics.io/wp-content/uploads/2017/05/split-tunnel-smtp-attack2-image-cip.png
- http://blog.securolytics.io/wp-content/uploads/2017/05/securolytics-NIST-risk-management-framework.gif
- https://blog.securolytics.io/wp-content/uploads/2017/05/securolytics-NIST-risk-management-framework.gif
72 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H/1.1 |
Primary Request
/
blog.securolytics.io/2017/05/split-tunnel-smtp-exploit-explained/ |
73 KB 73 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ |
26 KB 7 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
stylesheet.css
blog.securolytics.io/wp-content/themes/cloudstat/css/league-gothic/ |
620 B 620 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
753 B 344 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
css
fonts.googleapis.com/ |
13 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
style.css
blog.securolytics.io/wp-content/themes/cloudstat/ |
17 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
responsive.css
blog.securolytics.io/wp-content/themes/cloudstat/css/ |
3 KB 3 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
addtoany.min.css
blog.securolytics.io/wp-content/plugins/add-to-any/ |
1 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery.js
blog.securolytics.io/wp-includes/js/jquery/ |
95 KB 95 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
jquery-migrate.min.js
blog.securolytics.io/wp-includes/js/jquery/ |
10 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
tracking-analytics-events.js
blog.securolytics.io/wp-content/plugins/google-analytics-dashboard-for-wp/front/js/ |
3 KB 3 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
addtoany.min.js
blog.securolytics.io/wp-content/plugins/add-to-any/ |
135 B 135 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
page.js
static.addtoany.com/menu/ |
72 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
securolytics-logo.png
blog.securolytics.io/wp-content/themes/cloudstat/images/ |
20 KB 20 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-exploit-header.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
108 KB 108 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
securolytics-split-tunnel-smtp-exploit.gif
blog.securolytics.io/wp-content/uploads/2017/05/ |
52 KB 52 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-1.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
141 KB 141 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-2.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
49 KB 49 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-3.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
235 KB 235 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-4.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
266 KB 266 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-5.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
253 KB 253 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-6.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
246 KB 246 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-7.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
116 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-8.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
111 KB 111 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-9.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
170 KB 170 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-10.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
234 KB 234 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-11.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
269 KB 269 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack1-image-12.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
253 KB 253 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-karen-kedda.png
blog.securolytics.io/wp-content/uploads/2017/05/ Redirect Chain
|
43 KB 43 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-13.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
116 KB 116 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-14.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
119 KB 119 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-15.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
64 KB 64 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-16.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
52 KB 52 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-17.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
304 KB 304 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-18.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
268 KB 268 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-19.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
97 KB 97 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-20.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
71 KB 71 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-23.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
81 KB 81 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-cip.png
blog.securolytics.io/wp-content/uploads/2017/05/ Redirect Chain
|
40 KB 40 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
split-tunnel-smtp-attack2-image-24.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
279 KB 279 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
securolytics-NIST-risk-management-framework.gif
blog.securolytics.io/wp-content/uploads/2017/05/ Redirect Chain
|
11 KB 11 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
 Cookie set
zcga.js
crm.zoho.com/crm/javascript/ |
3 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
wp-emoji-release.min.js
blog.securolytics.io/wp-includes/js/ |
10 KB 10 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
29 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
float.ls
salesiq.zoho.com/teknas/ |
18 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
CWB0XYA8bzo0kSThX0UTuA.woff2
fonts.gstatic.com/s/roboto/v16/ |
14 KB 14 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
rxxXUYj4oZ6Q5oDJFtEd6vk_vArhqVIZ0nv9q090hN8.woff2
fonts.gstatic.com/s/fjallaone/v4/ |
16 KB 16 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ |
63 KB 63 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
H2DMvhDLycM56KNuAtbJYA.woff2
fonts.gstatic.com/s/lato/v13/ |
22 KB 22 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
1YwB1sO8YE1Lyjf12WNiUA.woff2
fonts.gstatic.com/s/lato/v13/ |
23 KB 23 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
PLygLKRVCQnA5fhu3qk5fQ.woff2
fonts.gstatic.com/s/lato/v13/ |
24 KB 24 KB |
Font
font/woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
darkreading_securolytics_05-25-2017.jpg
blog.securolytics.io/wp-content/uploads/2017/05/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
20ransom-1-master768.jpg
blog.securolytics.io/wp-content/uploads/2017/05/ |
89 KB 89 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
bronxcare-1.png
blog.securolytics.io/wp-content/uploads/2017/05/ |
466 KB 466 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
44339432-Internet-of-Things-IOT-concept-background-Vector-illustration-representing-new-innovative-ideas-with-Stock-Vector.jpg
blog.securolytics.io/wp-content/uploads/2017/05/ |
94 KB 94 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/ |
35 B 44 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
stats.g.doubleclick.net/r/ |
35 B 53 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
sm.16.html
static.addtoany.com/menu/ Frame 6410 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET DATA |
truncated
/ |
34 B 0 |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headersResponse headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
icons.21.svg.js
static.addtoany.com/menu/svg/ |
83 KB 0 |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
piwik.js
teknas.piwikpro.com/ |
54 KB 21 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
29 KB 12 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
collect
www.google-analytics.com/ |
35 B 44 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
Cookie set
button.ls
salesiq.zoho.com/teknas/ |
20 KB 6 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
piwik.php
teknas.piwikpro.com/ |
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
floatsupportbtn.css
css.zohostatic.com/salesiq/May_24_2017_https/styles/ |
24 KB 5 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
track.js
js.zohostatic.com/salesiq/May_24_2017_https/js/ |
70 KB 21 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
button.js
js.zohostatic.com/salesiq/May_24_2017_https/js/ |
13 KB 4 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
favi.ico
blog.securolytics.io/wp-content/themes/cloudstat/images/ |
1 KB 1 KB |
Other
image/vnd.microsoft.icon |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
float-sprite.png
img.zohostatic.com/salesiq/May_24_2017_https/images/ |
28 KB 28 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
drawchat.ls
salesiq.zohopublic.com/teknas/ Frame 6410 |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
spacer.gif
img.zohostatic.com/salesiq/May_24_2017_https/images/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
sprite.png
img.zohostatic.com/salesiq/May_24_2017_https/images/embed/ |
23 KB 23 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- static.addtoany.com
- URL
- https://static.addtoany.com/menu/sm.16.html
- Domain
- salesiq.zohopublic.com
- URL
- https://salesiq.zohopublic.com/teknas/drawchat.ls?src=script&type=float&referrer=&pagetitle=Securolytics%20%7C%20Blog&embedname=securolytics&cpage=aHR0cHM6Ly9ibG9nLnNlY3Vyb2x5dGljcy5pby8yMDE3LzA1L3NwbGl0LXR1bm5lbC1zbXRwLWV4cGxvaXQtZXhwbGFpbmVkLw%3D%3D&autochat=false&lang=en&loadedtime=1496120596490
Verdicts & Comments Add Verdict or Comment
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
12 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| .static.addtoany.com/ | Name: __utmz Value: 66866668.1496120592.1.1.utmcsr=blog.securolytics.io|utmccn=(referral)|utmcmd=referral|utmcct=/2017/05/split-tunnel-smtp-exploit-explained/ |
|
| .securolytics.io/ | Name: _pk_id.49.8ee7 Value: 6decf5c307a2b16b.1496120593.1.1496120593.1496120593. |
|
| .addtoany.com/ | Name: __cfduid Value: d736499efdc8a28a6cff65a86f20fa92a1496120592 |
|
| .static.addtoany.com/ | Name: __utmc Value: 66866668 |
|
| .static.addtoany.com/ | Name: __utma Value: 66866668.505925487.1496120592.1496120592.1496120592.1 |
|
| blog.securolytics.io/ | Name: gclid Value: undefined |
|
| .static.addtoany.com/ | Name: __utmb Value: 66866668.0.10.1496120592 |
|
| .securolytics.io/ | Name: _pk_ses.49.8ee7 Value: * |
|
| .securolytics.io/ | Name: _gid Value: GA1.2.1065285530.1496120592 |
|
| .addtoany.com/ | Name: uvc Value: 1 |
|
| .securolytics.io/ | Name: _ga Value: GA1.2.1641080908.1496120592 |
|
| .securolytics.io/ | Name: _gat Value: 1 |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=63072000; preload |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
blog.securolytics.io
crm.zoho.com
css.zohostatic.com
fonts.googleapis.com
fonts.gstatic.com
img.zohostatic.com
js.zohostatic.com
maxcdn.bootstrapcdn.com
salesiq.zoho.com
salesiq.zohopublic.com
static.addtoany.com
stats.g.doubleclick.net
teknas.piwikpro.com
www.google-analytics.com
salesiq.zohopublic.com
static.addtoany.com
178.162.208.180
198.232.125.123
2400:cb00:2048:1::6814:6e27
2a00:1450:4001:816::2003
2a00:1450:4001:816::200a
2a00:1450:4001:816::200e
2a00:1450:400c:c04::9d
54.173.173.29
74.201.154.73
8.40.222.106
8.40.222.111
8.40.222.123
0496ffd71472af755edab2dc201d07a382b92856335769bad8c83a8e245435b4
04b2aa89e5dd20337ca3083ba08b5cb7621930665b012ef852ab1bb3f816f4c7
05072554e3623f9841264ba7262ffb765365ac28f3162b24291609477d42e78d
05bbda819098c940081392a51697b2fd5b42f39d78999b50e4b335aa727a69d3
05cc856acea257ee6e07c3817b1893e7fae9f98e5ccfd1687cc3e1e6ae706f58
0b6daa69314b58b23c4e39885c5465adc86e4b76c6704e824de17a2d6a8ffe11
0d0ca75d8b81e9a9435143496bccb504c16e52b06d208474df944675338e25b0
0f0139d7507f98a4d1182810db05ef9ec1fc197f4def7c441b862ad52f348a6c
13b1331b7bbe9beae07d7b7d8664e668efb8c747d7c5cf30869521d1a76bee52
14d3853499cc02bc0299105e50df1539a2e4ecf9daea338dfddff522ae8fd9a2
1cc76c442c3305274ee60298de111323c122f1b276f03c2d5336e85b7230a58a
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1e9655daa20e02fa31bc82b2dd17804611050568d525882f9165a3cff37207ae
2537a62717843496daa8fedb32d44403c1ab23c4617d9a3aa1f56eb9045a8faa
29499e2b5d5cbd39647f55746440396d62f8c10c610e6e8bb4a2587030d986e1
2fff935dcf212377cb836950f4826b3258b8ac891c638864a353fbec2634469f
344741764fe3aea14e9b58687b571496a6ffaf8a6173e61d078537bc0cfdc88d
364c1ea76a5b1037cd712f96c07be3c9d08ce50eb226d0758a13b9471fa50f35
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3c912f3753e81db1bf6883bceec8ce20e1cc5abb0b01d587d45def290878c336
42b010e422f1596bf93abca206531d06ee11016128d4dcb60ad1575ff08522ea
438eafc0cdc4cc94a17c3781a0e254d08af611c9e71a7c285fd3872ccd18cb93
47a03cdb40941ed9bb87178d34076aa70d7c8a21c2645d9a71e7edb02f94a4c2
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
59d8be33249f70db42ba649db05211213d176d3c45b0528796787a25668e51a3
5a5fbbb175422ea3de8f4ad888047dbead43b912bc5eb7b4f28354caa1799e45
60ddbdc59a12fddd73e6764e5b95f301e81f1104004ffc1519c1064c45ed41b7
656a3dd3b522339d3f43e72c53286457ebd5133e213d2da1299a351d729a8c7e
6ab9af5c668665d6c6affd09941367d714c7efdedc286887e9e60fdea865d1b5
706e5b2dfc346c82f9a2feb0b29aad87c922cd0b07b8b25f04abc6d9d510cfa0
720b9dffd8324fb8222548dd395a84aa60c1953801990e8b021d12f4ea95273a
72fbe85629bc27977fd8684d84b51f659de98bb453d420938f6d8fc30f1238fa
7e8268de2407cdd825119f98d7448b1fbe06aedcfbdbff44ad5c9ac19fb3c2b0
7fe7e1954511737e3bd3b01759c1d7d2a8a83bb781424c9753bc62ce38e27d35
832f4c005adacc0be0855de8bd9cc3937ca1363a3121e84edab98706b2334140
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8636944aec2fea7c4306f8cfbb484bd1cb5465e4713a266172f6eab0681e3efa
8f3e743527460788368f79b4c2929ca8c356b798362d9c1b77ea34fce5f894cb
92ee709b26e30297904101ba16fa41918211a258f7131c2ae6f107064999e71d
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
9687ee5934e8a8b125cd0e3f7e21b9eea12c5eba602dfb12941aeafaad44fbe3
9b9266812d50859b2c1c3029a780ebfdd18e3057aa82ed8561328729e9d233d2
9ce819250a5b5d71a296e407dbfe80d3fed19921872264d2273756fd5fbb8361
a481485d6fdef7406780f848ebcb995d7ac99a2387589f80e5fc2d1ba0709f7c
b25baec24139ed33efcf25bdb82ceb8597cf00250aaa4bbc675b96f08db235f5
b2b481c5fc3f15b3678f5be2051d357d17650ddc54b226ec3ce33e598b0ab855
b3b4d55dfe55b3f2000383a5c30d0e78709947144b79b54ebb0f22ef8f02f0e6
b3fd007756b962c69239df8596e330919c2136d15de08a1a3b6535716986bb38
bb183733e8446a35b2411ebfbcd39332550c755a01b9776f00665b3489b4253c
bd816aa696baaaecb101ad5e78360d69beb0dcd782a0f595b4717f4b56ae9354
c1bfe2ce2c579ef311772d733be01ef4755ecd7b6e77eafbe8accc97ab69e03e
c5d2cc1d2ddaef95c17a2905fff475005875a091ab0f65838dc03cea187b4739
d3cd2c511950c7a0b74607dc9f955a24e1885f16ba06bc7dae477f7f63cc71dc
d4398dec1afbadd50ad056364ec2b16411ab97670c6e09824001a18cc5cb5b14
d55d8902a42cbeab90e4fbf63e349fd4ec2ed031630a153d177f9c5872af8ebc
d7aeba6b284be2fbfeaae8f02bc140a4491d87d5f46caca6cd76aa90c412848f
d82e93a1c95cd066f7e4dab5dc294079b60ec979a85114624b888407b2b7d863
d93b3e0523a3044e8a26474cdce53e2de4a4c8ba1e72e090305037c37040e94f
db44c6b7985f942465865cfe688770803ab464ec35fb9aefaeccc052e9b74b2a
e216c3dbcf029f288611866cec3f460fc2fc2e50529b80d111ce0dc600297e9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5db49fc15e40a9fe8a2674bb76519e46f31aefc24ca1c1449b06fe3d04ff9a3
e9830d0997e87c328360301ffb0ab81fabd9101f90453976ee61555d6f353af9
f0cdcdf13dfc511aa872dea1d899623e02a6b176293fb34afbbafb2e13f626eb
f5bac3290c345d66a947d2c5e2491eafe21f5314be8599f79b5edf61b766275c
fc48d1d80ece71a79a7b39877f4104d49d3da6c3665cf6dc203000fb7df4447e
fd952e356e9a03c684084cd927b88f2034778356573cfeed28ece84ebf8abdda