[HN Gopher] TeleMessage Explorer: a new open source research tool
___________________________________________________________________
TeleMessage Explorer: a new open source research tool
See also TeleMessage customers include DC Police, Andreessen
Horowitz, JP Morgan, and hundreds more:
https://micahflee.com/telemessage-customers-include-dc-polic...
Author : micahflee
Score : 87 points
Date : 2025-05-26 14:50 UTC (8 hours ago)
(HTM) web link (micahflee.com)
(TXT) w3m dump (micahflee.com)
| mdhb wrote:
| It's truly wild that something like this exists. It really speaks
| to the unfathomable levels of incompetence that this is what the
| Trump administration was using to plan military operations over.
| owlninja wrote:
| And we all drop our jaws, wonder what is happening, and then
| wake up to a slurry of new stories.
| stepupmakeup wrote:
| What's the point? Here's the tool, but the actual data? Sorry,
| verified journalists only!
|
| Is it just endless self-promotion for OP and their cybercriminal
| gang (not sure why someone would admit to such) masquerading as
| the "good guys"?
| OneDeuxTriSeiGo wrote:
| It's a data leak that was posted publicly online. Yes
| DDoSSecrets restricts access to verified journalists and
| security researchers but if you don't fall under that criteria
| you can always just get it the old fashioned way by digging
| around for torrents of data leaks like everyone else has done
| since forever.
| ipsum2 wrote:
| Isn't DDoSSecrets the only one that has access to the
| hacked/downloaded dataset, so there wouldn't be other copies
| floating around unless someone else simultaneously downloaded
| the dataset at the same time?
|
| Someone can prove me wrong by dropping a magnet link. :)
| tamirmag wrote:
| Does the importer validate heapdump JSON and flag malformed
| records before they reach PostgreSQL?
| throw10920 wrote:
| I'm hoping that this will be yet another shot in the war to
| convice corporations and government agencies that they need to
| have on-prem data hosting that isn't accessible to the company
| running the service. I don't think you can do full E2E between
| individual employees in a corporate setting, but at the very
| least if all of the organization's data is _only_ accessible to
| the organization, that 'll help with a lot of these third-party
| data beaches.
|
| (it won't help when the organization is beached, which
| unfortunately still seems to be the main way that user data gets
| leaked)
|
| Ultimately, though, until there starts to be federal law
| mandating chain of custody for user data and harsh penalties on
| it being leaked, I think that this will continue for a long
| time...
|
| Update: I should have read the article - did not realize
| TeleMessage was _supposed_ to be E2E. I guess now the lesson is
| that you shouldn 't be using normal devices for national security
| information (classified or not), and otherwise it's still not
| good to use a sketchy service that doesn't have Moxie-grade
| crypto implementations.
| AtlasBarfed wrote:
| If a company knows something about you, so does the
| government(s).
|
| This is exactly the state of affairs the government prefers.
|
| Privacy and consumer protection long died on the altar of
| turnkey totalitarian universal monitoring.
|
| By having corps do the creepiest data collection, whatever all
| political opposition to the complete surveillance state is
| bypassed
| reactordev wrote:
| Just so long as every once in a while, they convince some
| junior senator to hold a hearing to throw some executive at
| them that will use it as a way of earning clout within the
| company and no one cares about the outcome. The junior
| senator will lament about their political opponents, the
| committee will pat itself on the back for doing their job,
| the corporate crony will report back to the board that they
| delivered the talking points, and it will go right back to
| business as usual.
| JumpCrisscross wrote:
| > _if a company knows something about you, so does the
| government(s)_
|
| The constant litigation between the government and private
| companies over records requests should put this hypothesis to
| bed.
| AtlasBarfed wrote:
| The black box rooms in the telecom forms two decades ago
| beg to differ
|
| What you are talking about is small fry law enforcement.
|
| If you don't think the new has total access to the
| databases of the thousands of social network and
| advertising/data collection firms, I don't know what to
| tell you.
|
| Maybe something totally encrypted, but even then there is
| hardware backdoors, and the NSA can simply pay an employee
| to legally let them in.
| globie wrote:
| They only need to pay off or install a single employee to
| get total or near-total access. Consider this chart from
| 2013 showing when various tech companies were added to
| PRISM:
|
| https://upload.wikimedia.org/wikipedia/commons/c/c7/Prism
| _sl...
|
| A lot of the companies embattled in the "constant
| litigation" mentioned by the GP are featured in this very
| chart.
| JumpCrisscross wrote:
| > _lot of the companies embattled in the "constant
| litigation" mentioned by the GP are featured in this very
| chart_
|
| Yup. A great first step towards understanding these
| systems is to disaggregate the monoliths of these
| enterprises and the U.S. government into their power
| centres.
| globie wrote:
| Do you believe the disaggregation of those monoliths
| helps to put the "hypothesis to bed"? It sure seems like
| you were listing "constant litigation" over "records
| request" as counterevidence of the claim that "if a
| company knows something about you, so does the
| government(s)".
|
| If anyone in the U.S. government is extracting data from
| companies in a manner which is unlawful or should be (and
| they sure are), I see that as strong evidence of the
| hypothesis. Pointing out that local agencies may have to
| fight for their access in court doesn't change that it
| "is exactly the state of affairs the government prefers".
| JumpCrisscross wrote:
| > _sure seems like you were listing "constant litigation"
| over "records request" as counterevidence of the claim
| that "if a company knows something about you, so does the
| government(s)"_
|
| Yes. Just because the NSA _can_ access some data doesn't
| mean the entire federal government, including the NSA,
| has it.
|
| > _local agencies may have to fight for their access_
|
| The White House is fighting Harvard for student records.
| I don't think people appreciate the degree to which
| information is siloed, intentionally and unintentionally,
| in the federal government. (It's what led to DOGE likely
| committing multiple felonies.)
| layer8 wrote:
| To the extent that this is the case, or more importantly, can
| become the case, that is why the concept of data parsimony is
| important:
| https://martinfowler.com/bliki/Datensparsamkeit.html
|
| https://news.ycombinator.com/item?id=23710925
| throw10920 wrote:
| This is a beautiful word for a useful concept, thank you!
| throw10920 wrote:
| This is pretty significantly off-topic, but I'll respond
| anyway:
|
| (a) That's one of the reasons why it's important to restrict
| corporate data collection in _addition_ to state data
| collection; and
|
| (b) In the vast majority of cases, the US government at
| least, has to obtain a warrant to collect data on US
| citizens, so those two sets are _not_ the same
|
| I _agree_ with the idea that most governments around the
| world have far more access to corporate data than they
| should, but I wouldn 't go as far as to say that they have
| _complete_ access (with caveats - the US has more protections
| than most of the rest of the world, for instance, and China
| has far less).
| globie wrote:
| >In the vast majority of cases, the US government at least,
| has to obtain a warrant to collect data on US citizens, so
| those two sets are not the same
|
| If only that were true[0][1][2][3].
|
| [0] (2022): https://fedscoop.com/dhs-buying-personal-data-
| from-govt-cont...
|
| [1] (2023): https://www.congress.gov/118/meeting/house/1161
| 92/documents/...
|
| [2] (2024): https://www.cnn.com/2024/01/26/tech/the-nsa-
| buys-americans-i...
|
| [3] (2025): https://theintercept.com/2025/05/22/intel-
| agencies-buying-da...
| ComputerGuru wrote:
| I don't understand the value proposition of TeleMessage. Uses
| Signal but defeats the point of using Signal. Why not use a
| proper centralized chat with actual retention and encryption?
| ocdtrekkie wrote:
| Considering they accidentally included a journalist,
| compatibility with the existing user network. If you need
| logged chat with normal Signal users, TeleMessage would
| probably be the way to do this.
| ls612 wrote:
| You might be subject to compliance requirements for archival
| but also want to talk to other people who use signal.
| kevincox wrote:
| For example DC Police may have confidential informants who
| would be best to use Signal because that isn't unusual. But
| the people there are communicating need to retain the
| communication.
| whatshisface wrote:
| So basically, you tell at-risk people they're E2E, but keep
| a copy on whatever storage system you want to use and send
| another to your friends.
| ls612 wrote:
| E2EE's biggest use case is preventing the government from
| reading your messages. If you are messaging the
| government (or are in the government) then this isn't
| relevant.
| mingus88 wrote:
| This has always been possible with screenshots. SGNL is
| just an enterprise solution.
|
| At the end of they day you need to trust who you are
| talking to and never over share.
| kevincox wrote:
| E2E means that the messaging provider can't read the
| messages. The receiver can still see the messages and do
| whatever they want with them.
| bee_rider wrote:
| This is the fundamental problem that end-to-end
| encryption doesn't solve, right? If the person on the
| other end is malicious or really dumb they can still leak
| your messages.
| bee_rider wrote:
| I wonder if it is just organizations that don't really care
| about anything other than brand name (signal is known as pretty
| good, right) and CYA.
|
| Like it might legitimately be the case that you personally have
| expended more brainpower trying to understand the decision than
| they put into making it.
| cryptonector wrote:
| This is probably it.
|
| Or there might be an issue with trusting their own IT
| departments. With Signal they don't even have to trust Signal
| (haha, but they might think that you know).
|
| There's another possibility: NSA told them to use Signal w/
| TeleMessage so that NSA could see everything because they
| have an agreement with TeleMessage or because NSA knows about
| all these vulns in TeleMessage.
|
| There's other possibilities too.
| Spooky23 wrote:
| Most people don't care about anonymous communication. The
| agendas of those who do vary.
|
| Signal is essentially iMessage that works in Android for all
| intents. Supporting it lets you communicate with outside
| entities. Otherwise the only mechanism to do so is email, which
| is problematic at best.
|
| Government and finance are required by law to archive and audit
| communications. Some companies do anyway to keep tabs on staff.
| btown wrote:
| If you need your partners/bankers/salespeople/cabinet-level
| officials etc. to be able to converse with their clients on the
| E2E encrypted systems those clients already use, like WhatsApp
| and Signal, but maintain retention for legal or internal data-
| mining reasons, the only way to do that is to have a modified
| client, perhaps cracked or forked from an official client, that
| speaks the same wire protocol, but copies messages to separate
| storage.
|
| Now, such a system could be set up to route those copied
| messages in a separately E2E-encrypted way to the client's in-
| house/on-prem archival systems, and have the client be
| responsible for implementing decryption and secure storage at
| rest. But it's far easier to just sell a centralized cloud-
| based archival/retrieval system - which must necessarily be
| able to decrypt messages, and thus makes for an incredibly
| juicy target.
|
| Given the supply-chain risks of the provider offering the
| customized clients anyways, one would expect them to have a
| strong security focus... but it certainly seems this was not
| the case.
| JumpCrisscross wrote:
| > _the only way to do that is to have a modified client_
|
| My firm requires screenshots. If the concern is that someone
| would bypass that, well, someone could bypass TeleMessage,
| too.
| mingus88 wrote:
| One has to wonder what type of legal requirement this
| satisfies.
|
| It certainly wouldn't hold up to the "beyond a reasonable
| doubt" standard for US criminal prosecution.
|
| I've been exposed to "lit holds" for various document
| management system before and usually a third party such as
| Box or Microsoft can attest to the immutability of files
| placed under lit hold, and/or there is an audit trail to
| make sure the chain of custody is intact.
| JumpCrisscross wrote:
| > _what type of legal requirement this satisfies_
|
| Typically between commercially reasonable and best
| efforts.
|
| > _been exposed to "lit holds" for various document
| management system before_
|
| I think these are held to a higher standard than run-of-
| the-mill securities compliance.
| cryptonector wrote:
| > Why not use a proper centralized chat with actual retention
| and encryption?
|
| This is the right question to ask. It might be that such a
| thing doesn't quite exist in the way that the customers want
| (doubtful; Slack should work just fine), or more likely it
| might be a cultural issue (that Signal is ingrained in some of
| these executives' minds as _the_ secure system to use, and/or
| that they don't want Slack/Whatever to be the service provider
| for IM _and_ the service provider for retention, or that they
| don't want Slack/Whatever with on-prem services because they
| don't trust their own IT, etc.).
|
| Obviously TeleMessage's value add is to add retention to
| Signal, which defeats the point of Signal. That leads me to
| think that the motivation is cultural.
| klooney wrote:
| Heap dumps on the Internet. Java ecosystem has some criminal
| defaults.
| klooney wrote:
| https://shewantstheisrd.myshopify.com/products/clean-on-opse... I
| found the sticker
| 9dev wrote:
| That one is pure gold.
| FilosofumRex wrote:
| Sooo, Tik Tok is a national security threat but TeleMessage is
| government approved app. It's illegal to spy on Americans, unless
| it passes through Israeli channels.
|
| I wonder how much Israel charges for selling our secrets to the
| Chinese.
| snarf21 wrote:
| Obviously, it isn't about that. Our government just doesn't
| want anyone but them spying on its citizens.
| ujkhsjkdhf234 wrote:
| It isn't even about that. Tiktok is taking market share from
| FAANGs. Zuckerberg has spent a pretty penny on this Tiktok
| disinformation campaign and if you look at the members of
| Congress behind the ban Tiktok bill, most of them purchased
| huge amounts of Meta stock before introducing it to Congress.
| It's corruption all the way down.
| mschuster91 wrote:
| > Zuckerberg has spent a pretty penny on this Tiktok
| disinformation campaign
|
| There's more than enough reports from outside the US that
| credibly allege TikTok is a critical factor in the
| radicalization and recruitment of the far-right and
| militant Islamism [1][2][3].
|
| Conspiracies about Zuckerberg wanting to dunk on a
| competitor aside (that may or may not be real, and I'm
| heavily inclined to believe they are true), the threat from
| TikTok is _real_ , this application needs to be
| exterminated at all cost before China completely tears
| apart our society.
|
| [1] https://www.bpb.de/lernen/digitale-
| bildung/werkstatt/560523/...
|
| [2] https://www.zdf.de/nachrichten/politik/deutschland/radi
| kalis...
|
| [3] https://www.tagesschau.de/inland/regional/hessen/hr-
| wandern-...
| verdverm wrote:
| Both assertions can be true at the same time
| ujkhsjkdhf234 wrote:
| > There's more than enough reports from outside the US
| that credibly allege TikTok is a critical factor in the
| radicalization and recruitment of the far-right and
| militant Islamism [1][2][3].
|
| You can find literature to support that claim for
| Youtube, Facebook, and Twitter, not just Tiktok. The
| Making of a Youtube Radical was a big story back in 2019.
| Facebook won the election for Trump in 2016. Twitter is
| owned by a Nazi who routinely boost far-right conspiracy
| theories.
|
| The answer isn't banning Tiktok but passing strong
| privacy and data legislation that affects all social
| media platforms. Not just Tiktok. US social media
| companies have been pulling on the seams of society far
| before Tiktok arrived.
| mschuster91 wrote:
| At least we can tackle Meta, Google and Twitter with
| domestic courts (and the EU is already turning the
| screws). With Tiktok, we have about zero ways to
| influence them. Straight Chinese propaganda right in the
| brains of our children.
| overfeed wrote:
| > With Tiktok, we have about zero ways to influence them.
|
| I could swear the US passed a law targeted at TikTok last
| year. The law was precisely targeted to prevent any
| collateral damage on any of the American social media
| companies that are guilty of most or all the bad behavior
| leveled against TikTok.
| mullingitover wrote:
| > At least we can tackle Meta, Google and Twitter with
| domestic courts
|
| We _don 't_, and we _won 't_ (and these platforms are
| just as easily manipulated as TikTok), but we _can_ , and
| that's what matters.
| landl0rd wrote:
| The former is controlled by the most notable enemy of America.
| The latter is shitware that the government was stupid to buy.
| They are both threats to national security but in different
| ways and the government being stupid about TeleMessage doesn't
| mean it should ignore the threat of tik tok.
| TiredOfLife wrote:
| TikTok thing was about it being a mass media that was
| distribution Chinese and Russian propaganda and whose
| leadership was outside US jurisdiction.
| specproc wrote:
| What seemed to be interesting from the email addresses disclosed
| is that there are a hell of a lot of people engaged in finance,
| investment or trading of one sort or another.
|
| There are a few there with enough emails for it to be relatively
| widespread within the institution: Scotiabank, JPMorgan, KKR and
| Jeffries stand out -- Scotiabank has hundreds of emails, I
| imagine they're having a bad week. Also a lot of energy stuff,
| Aramco, Total.
| jxjnskkzxxhx wrote:
| Do you understand how emails come into this? I thought signal
| used only phone numbers...
| tough wrote:
| Since TeleMessage is not really signal but just a front the
| israelis want your email to signup (its mostly an enterprise
| service, so you either pay and they know who you are already)
| etc
|
| this is like slack for signal
| heywoods wrote:
| From the other article which shared the email domains found in
| the heap. Sorry in advance for the poor formatting.
|
| ---
|
| Source: `https://micahflee.com/telemessage-customers-include-dc-
| polic...`
|
| ### I. Industry Breakdown
|
| *Financial Services (Dominant):* This is by far the most
| represented sector. It encompasses a wide array of sub-sectors:
|
| * *Investment Banking & Brokerage:* A large number of domains
| belong to global and regional investment banks, interdealer
| brokers, and brokerage firms. * Examples: `jefferies.com`,
| `morganstanley.com`, `cantor.com`, `tpicap.com`, `bgcg.com`,
| `rjobrien.com`, `clarksons.com` (shipping finance/brokerage)
|
| * *Asset & Investment Management:* Numerous firms managing
| diverse asset classes for institutional and private clients are
| present. * Examples: `kkr.com`, `aresmgmt.com`, `pimco.com`,
| `nuveen.com`, `franklintempleton.com`, `apg-am.com`
|
| * *Banking (Commercial & Private):* Major multinational and
| regional banks are included, covering commercial, private, and
| retail banking. * Examples: `jpmorgan.com`, `bbva.com`,
| `cibc.com`, `scotiabank.com` (and its numerous regional
| variations), `bradescobank.com`, `safra.com`,
| `standardbank.co.za`, `dbank.co.il`
|
| * *Wealth Management:* Firms specializing in wealth advisory for
| high-net-worth individuals are visible. * Examples:
| `gentrustwm.com`, `boltonglobal.com`, `rohrpwm.com`
|
| * *Cryptocurrency & Digital Assets:* A significant and growing
| sub-sector, with exchanges, trading firms, and investment
| managers focusing on digital assets. * Examples: `coinbase.com`,
| `galaxydigital.io`, `b2c2.com`, `hiddenroad.com`,
| `aminagroup.com` (formerly SEBA), `panteracapital.com`
|
| * *Fintech & Financial Technology:* Companies providing
| technology solutions for the financial industry, including
| trading platforms and compliance tools. * Examples: `smarsh.com`,
| `telemessage.com`, `interactivebrokers.com`
|
| * *Venture Capital & Private Equity:* A strong showing of firms
| investing across various stages and sectors, from early-stage
| tech to large buyouts. * Examples: `a16z.com`, `sequoiacap.com`
| (implied), `vistaequitypartners.com`, `lcatterton.com`,
| `ardian.com`, `tigerglobal.com`, `tcv.com`, `bitkraft.vc`,
| `blockchaincapital.com`
|
| *Energy & Commodities:* This sector is well-represented by:
|
| * *Trading Houses:* Global and regional commodity traders dealing
| in oil, gas, metals, and agricultural products. * Examples:
| `vitol.com`, `gunvorgroup.com`, `eni.com` (also integrated),
| `amerexenergy.com`, `amius.com`, `pvm.co.uk`
|
| * *Energy Companies (Integrated & Exploration/Production):* Major
| oil and gas companies and related services. * Examples:
| `totalenergies.com`, `petrobras.com`, `marathonpetroleum.com`,
| `p66.com`, `aramcotrading.us`
|
| *Government & Public Sector:* Primarily U.S. government entities,
| including:
|
| * *Federal Agencies:* * Examples: `cbp.dhs.gov` (Customs and
| Border Protection), `usss.dhs.gov` (Secret Service), `dfc.gov`
| (Development Finance Corporation), `who.eop.gov` (White House
| Office)
|
| * *Local Government:* * Example: `dc.gov` (District of Columbia
| Government)
|
| *Technology (Non-Fintech Focus):* While many tech firms are
| Fintech-related, some general software and IT service providers
| are present. * Examples: `nice.com`, `nebari.com`, `vlmsofts.com`
|
| *Consulting:* A smaller representation, often specialized. *
| Example: `soteriasolutions.us` (safety/threat management)
|
| *Real Estate:* Investment and advisory firms in the real estate
| sector. * Examples: `eastdilsecured.com`, `digitalbridge.com`
| (digital infrastructure)
|
| *Shipping & Logistics:* Companies involved in shipping brokerage
| and services. * Examples: `clarksons.com`, `mcquilling-
| energy.com`, `freightinvestor.com`
|
| ### II. Geographical Breakdown (Based on domain extensions and
| company descriptions)
|
| * *United States (Dominant):* A very large portion of the
| entities are U.S.-based or have significant U.S. operations. This
| is evident from the high number of `.com` domains associated with
| American companies and the presence of `.gov` domains. * Major
| financial centers like New York and tech hubs in California are
| implicitly represented (e.g., `aresmgmt.com`, `kkr.com`,
| `a16z.com`, `morganstanley.com`).
|
| * *Canada:* A strong presence, particularly Scotiabank and its
| various divisions, along with other financial and tech firms. *
| Examples: `scotiabank.com`, `scotiabank.ca` (implied),
| `cibc.com`, `bitbuy.ca`, `wonder.fi`
|
| * *United Kingdom:* Well-represented in finance (banking,
| brokerage, asset management) and commodities. London's role as a
| global financial hub is evident. * Examples: `cantor.co.uk`,
| `pvm.co.uk`, `ubauk.com`, `hbluk.com`, `rmb.co.uk`,
| `amcgroup.com`
|
| * *Latin America:* Several domains indicate operations or focus
| in this region, with Scotiabank having a particularly strong
| showing. * *Mexico:* `scotiabank.com.mx`, `scotiacb.com.mx`,
| `scotiawealth.com.mx` * *Chile:* `scotiabank.cl`,
| `larrainvial.com` * *Peru:* `scotiabank.com.pe` * *Colombia:*
| `scotiabankcolpatria.com` * *Brazil:* `br.scotiabank.com`,
| `petrobras.com.br`, `bradescobank.com`, `itaubba.eu` (European
| arm of Brazilian bank) * *Panama:* `pa.scotiabank.com`
|
| * *Europe (excluding UK):* * *France:* `totalenergies.com`,
| `ardian.com`, `mbcfrance.com` * *Switzerland:* `seba.swiss` /
| `aminagroup.com`, `hnwag.com`, `itau.ch` * *Monaco:*
| `tyruscap.mc` * *Netherlands:* `apg-am.com` * Other European
| presences through global firms (e.g., `itaubba.eu`).
|
| * *Asia:* Highlighting its role as a financial hub. * *Hong
| Kong:* `apg-am.hk` * *Singapore:* `apg-am.sg`, `gfigroup.com.sg`,
| `icap.com.sg`, `sg.pimco.com`, `traditionasia.com` * *Japan:*
| `mitsui.com`, `tullettprebon.co.jp`, `smbcgroup.com` * *Israel:*
| `dbank.co.il`, `fibi.co.il`, `opco.co.il`, `nice.com` *
| *Indonesia:* `miraeasset.co.id`
|
| * *Middle East:* * *UAE:* `freightinvestor.ae`,
| `aramcotrading.us` (US trading arm of Saudi Aramco) * General
| presence of firms like Alpha Wave Global with strong ties to the
| region.
|
| * *Africa:* * *South Africa:* `standardbank.co.za`
|
| * *Global:* Many firms operate globally, even if headquartered in
| a specific country (e.g., `a16z.com`, `kkr.com`,
| `morganstanley.com`).
|
| ### III. Notable Trends & Observations
|
| * *Dominance of Financial Services:* The sheer volume of
| financial sector domains underscores its significant role in this
| context. * *Globalization of Finance:* Many financial
| institutions have multiple country-specific domains (e.g.,
| Scotiabank, PIMCO, ICAP/TP ICAP), reflecting international
| operations. * *Rise of Digital Assets:* Numerous cryptocurrency
| exchanges, traders, and VCs focused on Web3 indicate the growing
| institutionalization of this asset class. * *Concentration of
| Energy Trading:* A significant number of specialized energy and
| commodity trading firms are present. * *Venture Capital Focus on
| Technology:* Many VC firms listed are known for investments in
| technology and, increasingly, blockchain/crypto. * *Government
| Presence:* Inclusion of U.S. federal and local government domains
| suggests interactions with these regulatory or administrative
| bodies. * *Prevalence of `.com`:* Despite geographical diversity,
| `.com` remains the most common top-level domain. * *Personal
| Email Addresses (`gmail.com`):* The presence of a few Gmail
| addresses (6 emails) is minor but indicates not all
| communications are necessarily from official corporate domains.
|
| ---
___________________________________________________________________
(page generated 2025-05-26 23:00 UTC)