https://cl.s10.exct.net/?qs=6f1d02699e4a5b28c09314e097c817c85aa6e042ad24bd656618bc42193fa252255bd259ed5e5d0722eeb977e03962fe57bed3f3ffdab758

Status: finished

Submission Time: 03.12.2019 06:38:07

Clean

Comments

Details

Analysis ID:
193291
API (Web) ID:
284714
Analysis Started:

03.12.2019 06:38:08
Analysis Finished:

03.12.2019 06:44:52
Technologies:

Engines
IOCs

Full Report	Engine	Info	Verdict	Score	Reports
		System: Windows 10 64 bit (version 1803) with Office 2016, Adobe Reader DC 19, Chrome 70, Firefox 63, Java 8.171, Flash 30.0.0.113		0/100

IPs

IP	Country	Detection
74.125.133.157	United States
139.217.226.237	China
31.13.92.14	Ireland
Click to see the 4 hidden entries
31.13.92.36	Ireland
185.63.144.5	United States
172.217.23.227	United States
13.111.18.11	United States

Domains

Name	IP	Detection
star-mini.c10r.facebook.com	31.13.92.36
pop-tln1-alpha.mix.linkedin.com	185.63.144.5
cl.s10.exct.net	13.111.18.11
Click to see the 10 hidden entries
scontent.xx.fbcdn.net	31.13.92.14
stats.l.doubleclick.net	74.125.133.157
www.hytera.com	139.217.226.237
www.google.co.uk	172.217.23.227
www.facebook.com	0.0.0.0
snap.licdn.com	0.0.0.0
www.msftconnecttest.com	0.0.0.0
connect.facebook.net	0.0.0.0
px.ads.linkedin.com	0.0.0.0
stats.g.doubleclick.net	0.0.0.0

URLs

Name	Detection
http://search.chol.com/favicon.ico
http://www.mercadolivre.com.br/
http://www.merlin.com.pl/favicon.ico
Click to see the 97 hidden entries
https://www.hytera.com/en/img/banner_en_pc_3.41e8e557.jpg
http://www.dailymail.co.uk/
http://fr.search.yahoo.com/
https://px.ads.linkedin.com/collect?
http://in.search.yahoo.com/
http://img.shopzilla.com/shopzilla/shopzilla.ico
https://www.hytera.com/upload/enterprice/solut_2_201851117568340.jpg
http://msk.afisha.ru/
http://www.reddit.com/
http://busca.igbusca.com.br//app/static/images/favicon.ico
http://www.ya.com/favicon.ico
https://www.hytera.com/html/poc-en/index.html
http://www.etmall.com.tw/favicon.ico
http://it.search.dada.net/favicon.ico
http://search.hanafos.com/favicon.ico
http://cgi.search.biglobe.ne.jp/favicon.ico
http://ocsp.pki.goog/gts1o10
http://search.msn.co.jp/results.aspx?q=
http://buscar.ozu.es/
http://ocsp.pki.goog/gsr202
https://pki.goog/repository/0
https://connect.facebook.net/signals/config/1124181261107433?v=2.9.14&r=stable
http://www.microsofttranslator.com/BVPrev.aspx?ref=IE8Activity
https://www.hytera.com/en/#/inde
http://www.ask.com/
http://www.google.it/
http://search.auction.co.kr/
http://www.amazon.de/
http://sads.myspace.com/
https://www.hytera.com/en/6
https://www.hytera.com/upload/enterprice/2_201851110217297_201891018107393.png
https://www.hytera.com/en/fonts/iconfont.095199d4.eot#iefix
http://www.pchome.com.tw/favicon.ico
http://browse.guardian.co.uk/favicon.ico
http://crl.pki.goog/gsr2/gsr2.crl0?
https://www.hytera.com/en/img/banner_en_pc_1.422d4123.jpg
http://google.pchome.com.tw/
http://list.taobao.com/browse/search_visual.htm?n=15&q=
http://www.rambler.ru/favicon.ico
http://uk.search.yahoo.com/
https://www.hytera.com/html/poc-cn/index.html
https://www.hytera.com/en/&
http://www.ozu.es/favicon.ico
http://search.sify.com/
http://openimage.interpark.com/interpark.ico
http://search.yahoo.co.jp/favicon.ico
http://www.gmarket.co.kr/
http://search.nifty.com/
https://cl.s10.exct.net/
http://www.google.si/
http://www.soso.com/
http://busca.orange.es/
http://cnweb.search.live.com/results.aspx?q=
http://www.twitter.com/
http://auto.search.msn.com/response.asp?MT=
http://www.target.com/
https://fontawesome.com/license/free
https://www.hytera.com/en/#/index/category/185/179
http://search.orange.co.uk/favicon.ico
http://www.iask.com/
http://search.centrum.cz/favicon.ico
http://service2.bfast.com/
https://www.hytera.com/en/js/chunk-vendors.7009aa40.js
http://ariadna.elmundo.es/
http://www.news.com.au/favicon.ico
http://www.cdiscount.com/
http://www.tiscali.it/favicon.ico
https://www.baidu.com/s?ie=utf-8&f=8&rsv_bp=0&rsv_idx=1&tn=baidu&wd=
http://it.search.yahoo.com/
http://www.ceneo.pl/favicon.ico
http://www.servicios.clarin.com/
http://search.daum.net/favicon.ico
http://www.kkbox.com.tw/
http://search.goo.ne.jp/favicon.ico
http://search.msn.com/results.aspx?q=
http://list.taobao.com/
http://www.nytimes.com/
http://www.taobao.com/favicon.ico
https://partnerrecruitments-hytera.secure.force.com/partnerRecruitment/?language=en_US
http://www.etmall.com.tw/
http://ie.search.yahoo.com/os?command=
http://www.cnet.com/favicon.ico
https://www.hytera.com/en/#/index/category/180/179
http://www.linternaute.com/favicon.ico
http://busca.u
http://www.amazon.co.uk/
http://www.cdiscount.com/favicon.ico
http://www.asharqalawsat.com/favicon.ico
http://www.google.fr/
https://www.hytera.com/en/#/index/category/184/179SPS
http://search.gismeteo.ru/
http://www.rtl.de/
https://www.hytera.com/cn/category/81
http://www.soso.com/favicon.ico
http://www.univision.com/favicon.ico
http://weibo.com/hyteracom
http://search.ipop.co.kr/

Dropped files

Name	File Type	Hashes
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\DOMStore\D1YBPPLZ\www.hytera[1].xml	ASCII text, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{AB9DB178-15DA-11EA-AADB-C25F135D3C65}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{AB9DB17A-15DA-11EA-AADB-C25F135D3C65}.dat	Microsoft Word Document	#
Click to see the 88 hidden entries
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\{B5620874-15DA-11EA-AADB-C25F135D3C65}.dat	Microsoft Word Document	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-17529550060\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-18270793970\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-21706820\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-4759708130\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-6757900\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin-8760897390\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20259167780\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin20332743330\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\Tiles\pin8215062560\msapplication.xml	XML 1.0 document, ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Internet Explorer\imagestore\6aw4uvh\imagestore.dat	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\396500441005109[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\???-2_20145615534600_20183260331839[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 110x78, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\???_20184241892460[1].jpg	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2018:04:19 09:22:26], progressive, precision 8, 109x77, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\analytics[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\banner_en_mob_3.019d8577[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 1080x1300, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\business5_201842418116524[1].jpg	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=3, software=Adobe Photoshop CC 2015.5 (Windows), datetime=2018:04:19 10:19:39], progressive, precision 8, 109x77, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\chunk-12b0555c.7138f33c[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\chunk-6e73e9da.39d59fa8[1].js	UTF-8 Unicode text, with very long lines, with escape sequences	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\chunk-6e73e9da.4f2561f8[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\en[1].htm	HTML document, ASCII text, with CRLF, LF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\fbevents[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\homepageaudio_20181129534728[1].png	PNG image data, 339 x 435, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\hytera_app.094b5571[1].png	PNG image data, 119 x 117, 8-bit/color RGB, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\solut_1_201851117553465_2018101517106407[1].jpg	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\solut_2_201851117568340[1].jpg	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\tr[1].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\tr[3].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\tr[4].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\tr[5].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\KSU5XQMC\tr[6].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\2_201851110217297_201891018107393[1].png	PNG image data, 339 x 435, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\396500441005109[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\3_201851110225260_201891018128145[1].png	PNG image data, 339 x 435, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\4_201851110231327_201891018128684[1].png	PNG image data, 339 x 435, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\8776dd86-ade4-4fed-adde-a561e26eaf5b[1].png	PNG image data, 339 x 435, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\banner_en_mob_1.f9f5753f[1].jpg	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\banner_en_mob_2.82886c5d[1].jpg	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\banner_en_pc_1.422d4123[1].jpg	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\banner_en_pc_2.0d103b75[1].jpg	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2019:11:15 17:07:25], baseline, precision 8, 1920x800, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\banner_en_pc_3.41e8e557[1].jpg	[TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x800, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\blink_05[1].png	PNG image data, 166 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\chunk-e3851372.af9c8bcd[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\en[1].htm	HTML document, UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\insight.min[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\serviceTel.2fceaad9[1].png	PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\tr[1].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\tr[2].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\V5D02472\tr[4].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\1124181261107433[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\68b18fc8-4c58-4324-b341-ba131af6ec63[1].jpg	[TIFF image data, little-endian, direntries=0], progressive, precision 8, 2560x586, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\73b76769-787c-4f13-8925-7cb0fad9bdc1[1].jpg	[TIFF image data, little-endian, direntries=0]	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\7a2fb3fb-ea82-4403-b2a5-8b28d80ee431[1].jpg	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\877799c8-c80d-4165-b416-b0c537ea10cf[1].png	PNG image data, 339 x 435, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\8c7dcd88-cc85-4575-a7d2-d9ae50e739f6[1].jpg	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\app.b0e0e840[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\blink_02[1].png	PNG image data, 203 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\blink_03[1].png	PNG image data, 182 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\blink_04[1].png	PNG image data, 159 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\chunk-1371673f.80c867bf[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\chunk-e3851372.699ceeb3[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\chunk-vendors.7009aa40[1].js	UTF-8 Unicode text, with very long lines, with LF, NEL line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\favicon[1].ico	MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\loading.c97f928c[1].gif	GIF image data, version 89a, 500 x 500	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\product_dush.693507b9[1].jpg	[TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Windows), datetime=2016:08:18 16:50:48], progressive, precision 8, 12x1, frames 3	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\tr[1].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VINVDFP6\tr[2].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\426427041540041[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\5_201851110236448_201891018138917[1].png	PNG image data, 339 x 435, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\6_201851110232195_201891018139589[1].png	PNG image data, 339 x 435, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\??_2014561486691_20183260325008[1].png	PNG image data, 109 x 77, 8-bit/color RGB, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\??_2014561494171_20183260325036[1].png	PNG image data, 109 x 77, 8-bit/color RGB, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\??_20187118349815.d0001189[1].jpg	data	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\app.ba9d2685[1].css	ASCII text, with very long lines, with CRLF line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\blink_01[1].png	PNG image data, 129 x 48, 8-bit/color RGBA, non-interlaced	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\chunk-b7306ec4.24235910[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\chunk-b7306ec4.87b5d2d2[1].js	UTF-8 Unicode text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\chunk-vendors.c543a753[1].css	ASCII text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\fbevents[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\getProvincesList[1].json	UTF-8 Unicode text, with very long lines, with no line terminators	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\gtm[1].js	ASCII text, with very long lines	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\iconfont.28bf012c[1].eot	Embedded OpenType (EOT), iconfont family	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\tr[3].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Microsoft\Windows\INetCache\IE\VTIIBVU5\tr[6].gif	GIF image data, version 89a, 1 x 1	#
C:\Users\user\AppData\Local\Temp\~DF116EAC8B978E4246.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF3A660846F85409F7.TMP	data	#
C:\Users\user\AppData\Local\Temp\~DF8CA8F2D557CFD804.TMP	data	#
C:\Users\user\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\KMCPFT0WH94IHEZ7B8U0.temp	data	#

https://cl.s10.exct.net/?qs=6f1d02699e4a5b28c09314e097c817c85aa6e042ad24bd656618bc42193fa252255bd259ed5e5d0722eeb977e03962fe57bed3f3ffdab758 Options

Comments

Tags

Details

IPs

Domains

URLs

Dropped files

Search started

Yara Super Rule creation started

https://cl.s10.exct.net/?qs=6f1d02699e4a5b28c09314e097c817c85aa6e042ad24bd656618bc42193fa252255bd259ed5e5d0722eeb977e03962fe57bed3f3ffdab758