andretorretta.com.br
Open in
urlscan Pro
104.196.146.236
Malicious Activity!
Public Scan
Effective URL: http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/
Submission: On November 14 via api from CA
Summary
This is the only time andretorretta.com.br was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: USAA (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
2 43 | 104.196.146.236 104.196.146.236 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
13 | 172.227.121.97 172.227.121.97 | 20940 (AKAMAI-ASN1) (AKAMAI-ASN1) | |
1 1 | 172.217.23.162 172.217.23.162 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:81c::2002 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 1 | 2a00:1450:400... 2a00:1450:4001:81b::2004 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
1 | 2a00:1450:400... 2a00:1450:4001:81b::2003 | 15169 (GOOGLE) (GOOGLE - Google LLC) | |
55 | 3 |
ASN15169 (GOOGLE - Google LLC, US)
PTR: 236.146.196.104.bc.googleusercontent.com
andretorretta.com.br |
ASN20940 (AKAMAI-ASN1, US)
PTR: a172-227-121-97.deploy.static.akamaitechnologies.com
content.usaa.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s22-in-f162.1e100.net
www.googleadservices.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
43 |
andretorretta.com.br
2 redirects
andretorretta.com.br |
495 KB |
13 |
usaa.com
content.usaa.com |
235 KB |
1 |
google.de
www.google.de |
60 B |
1 |
google.com
1 redirects
www.google.com |
762 B |
1 |
doubleclick.net
1 redirects
googleads.g.doubleclick.net |
1 KB |
1 |
googleadservices.com
1 redirects
www.googleadservices.com |
876 B |
55 | 6 |
Domain | Requested by | |
---|---|---|
43 | andretorretta.com.br |
2 redirects
andretorretta.com.br
|
13 | content.usaa.com |
andretorretta.com.br
|
1 | www.google.de |
andretorretta.com.br
|
1 | www.google.com | 1 redirects |
1 | googleads.g.doubleclick.net | 1 redirects |
1 | www.googleadservices.com | 1 redirects |
55 | 6 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.usaa.com |
mobile.usaa.com |
communities.usaa.com |
www.usaa.apply2jobs.com |
content.usaa.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
www.usaa.com Symantec Class 3 EV SSL CA - G3 |
2017-09-11 - 2018-12-08 |
a year | crt.sh |
www.google.de Google Internet Authority G3 |
2017-11-01 - 2018-01-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/
Frame ID: 3244.1
Requests: 55 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://andretorretta.com.br/wp-admin/js/css/
HTTP 302
http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416 HTTP 301
http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/ Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- headers server /php\/?([\d.]+)?/i
Ubuntu (Operating Systems) Expand
Detected patterns
- headers server /Ubuntu/i
OpenSSL (Web Server Extensions) Expand
Detected patterns
- headers server /OpenSSL(?:\/([\d.]+[a-z]?))?/i
mod_fastcgi (Web Server Extensions) Expand
Detected patterns
- headers server /mod_fastcgi(?:\/([\d.]+))?/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
- headers server /mod_fastcgi(?:\/([\d.]+))?/i
Page Statistics
203 Outgoing links
These are links going to different origins than the main page.
Title: ForgotĀ Your OnlineĀ ID ?
Search URL Search Domain Scan URL
Title: Forgot yourĀ password
Search URL Search Domain Scan URL
Title: Register Ā with USAA
Search URL Search Domain Scan URL
Title: Other Contact Options
Search URL Search Domain Scan URL
Title: mobile.usaa.com
Search URL Search Domain Scan URL
Title: View All USAA Products
Search URL Search Domain Scan URL
Title: Insurance
Search URL Search Domain Scan URL
Title: Auto Insurance
Search URL Search Domain Scan URL
Title: Homeowner Insurance
Search URL Search Domain Scan URL
Title: Rental Property Insurance
Search URL Search Domain Scan URL
Title: Renters Insurance
Search URL Search Domain Scan URL
Title: Valuable Personal Property Insurance
Search URL Search Domain Scan URL
Title: Home and Property Insurance
Search URL Search Domain Scan URL
Title: Flood Insurance
Search URL Search Domain Scan URL
Title: Life Insurance
Search URL Search Domain Scan URL
Title: Health Insurance
Search URL Search Domain Scan URL
Title: Medicare
Search URL Search Domain Scan URL
Title: Annuities
Search URL Search Domain Scan URL
Title: Long-Term Care
Search URL Search Domain Scan URL
Title: Umbrella Insurance
Search URL Search Domain Scan URL
Title: Motorcycle, RV and Boat Insurance
Search URL Search Domain Scan URL
Title: Small Business Insurance
Search URL Search Domain Scan URL
Title: Additional Insurance Solutions
Search URL Search Domain Scan URL
Title: Banking
Search URL Search Domain Scan URL
Title: Checking Accounts
Search URL Search Domain Scan URL
Title: Savings Account
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Auto Loans
Search URL Search Domain Scan URL
Title: Extended Vehicle Protection
Search URL Search Domain Scan URL
Title: Car Buying Service
Search URL Search Domain Scan URL
Title: Certificates of Deposit
Search URL Search Domain Scan URL
Title: Home Mortgages
Search URL Search Domain Scan URL
Title: MoversAdvantage
Search URL Search Domain Scan URL
Title: Home Equity Products
Search URL Search Domain Scan URL
Title: Personal Loans
Search URL Search Domain Scan URL
Title: Motorcycle, RV and Boat Loans
Search URL Search Domain Scan URL
Title: Credit Monitoring & ID Protection
Search URL Search Domain Scan URL
Title: Youth Banking
Search URL Search Domain Scan URL
Title: College Products
Search URL Search Domain Scan URL
Title: Investments
Search URL Search Domain Scan URL
Title: Mutual Funds
Search URL Search Domain Scan URL
Title: Brokerage Services
Search URL Search Domain Scan URL
Title: College Savings Plans
Search URL Search Domain Scan URL
Title: USAA Managed Money
Search URL Search Domain Scan URL
Title: IRAs
Search URL Search Domain Scan URL
Title: Annuities
Search URL Search Domain Scan URL
Title: Certificates of Deposit
Search URL Search Domain Scan URL
Title: Market News and Research
Search URL Search Domain Scan URL
Title: USAA Market Commentary
Search URL Search Domain Scan URL
Title: Real Estate
Search URL Search Domain Scan URL
Title: Home and Rental Search
Search URL Search Domain Scan URL
Title: Real Estate Agent Finder
Search URL Search Domain Scan URL
Title: Home Equity Products
Search URL Search Domain Scan URL
Title: Mortgages
Search URL Search Domain Scan URL
Title: Retirement Planning
Search URL Search Domain Scan URL
Title: IRAs and Rollovers
Search URL Search Domain Scan URL
Title: Financial Planning
Search URL Search Domain Scan URL
Title: USAA Wealth Management
Search URL Search Domain Scan URL
Title: Trust Services
Search URL Search Domain Scan URL
Title: Shopping and Discounts
Search URL Search Domain Scan URL
Title: Diamond & Jewelry Shop
Search URL Search Domain Scan URL
Title: Car Buying Service
Search URL Search Domain Scan URL
Title: Travel Discounts
Search URL Search Domain Scan URL
Title: Rental Cars
Search URL Search Domain Scan URL
Title: Flowers
Search URL Search Domain Scan URL
Title: USAA MemberShop
Search URL Search Domain Scan URL
Title: Home and Online Security
Search URL Search Domain Scan URL
Title: Shipping
Search URL Search Domain Scan URL
Title: USAA Logo Store
Search URL Search Domain Scan URL
Title: View All Advice Center
Search URL Search Domain Scan URL
Title: Personal Finances
Search URL Search Domain Scan URL
Title: Tax Center
Search URL Search Domain Scan URL
Title: Investing Essentials
Search URL Search Domain Scan URL
Title: Saving and Budgeting
Search URL Search Domain Scan URL
Title: Managing Debt and Credit
Search URL Search Domain Scan URL
Title: Refinancing Your Home
Search URL Search Domain Scan URL
Title: Ask USAA a Financial Question
Search URL Search Domain Scan URL
Title: Your Retirement
Search URL Search Domain Scan URL
Title: Am I on Track?
Search URL Search Domain Scan URL
Title: Getting Started
Search URL Search Domain Scan URL
Title: Growing Your Retirement
Search URL Search Domain Scan URL
Title: Planning For Retirement
Search URL Search Domain Scan URL
Title: Military Retirement
Search URL Search Domain Scan URL
Title: Family Life
Search URL Search Domain Scan URL
Title: Becoming a Parent
Search URL Search Domain Scan URL
Title: Kids, Money and College
Search URL Search Domain Scan URL
Title: Getting Married
Search URL Search Domain Scan URL
Title: Getting Divorced
Search URL Search Domain Scan URL
Title: Loss of a Loved One
Search URL Search Domain Scan URL
Title: Auto and Home Safety
Search URL Search Domain Scan URL
Title: Disaster and Recovery
Search URL Search Domain Scan URL
Title: Earthquakes
Search URL Search Domain Scan URL
Title: Floods and Storms
Search URL Search Domain Scan URL
Title: Hurricanes
Search URL Search Domain Scan URL
Title: Tornadoes
Search URL Search Domain Scan URL
Title: Wildfires
Search URL Search Domain Scan URL
Title: Winter Storms
Search URL Search Domain Scan URL
Title: Military Life
Search URL Search Domain Scan URL
Title: Joining the Military
Search URL Search Domain Scan URL
Title: Deployment
Search URL Search Domain Scan URL
Title: PCS
Search URL Search Domain Scan URL
Title: Military Spouses
Search URL Search Domain Scan URL
Title: Leaving the Military
Search URL Search Domain Scan URL
Title: Your Car
Search URL Search Domain Scan URL
Title: Find Your Next Car
Search URL Search Domain Scan URL
Title: Buy a Car
Search URL Search Domain Scan URL
Title: Sell Your Car
Search URL Search Domain Scan URL
Title: Insure Your Car
Search URL Search Domain Scan URL
Title: Maintain Your Car
Search URL Search Domain Scan URL
Title: Make an Insurance Claim
Search URL Search Domain Scan URL
Title: Your Home
Search URL Search Domain Scan URL
Title: Buy a Home
Search URL Search Domain Scan URL
Title: Rent a Home
Search URL Search Domain Scan URL
Title: Sell Your Home
Search URL Search Domain Scan URL
Title: Maintain Your Home
Search URL Search Domain Scan URL
Title: Work Life
Search URL Search Domain Scan URL
Title: Starting Your Job Search
Search URL Search Domain Scan URL
Title: Landing Your New Job
Search URL Search Domain Scan URL
Title: Making a Fresh Start
Search URL Search Domain Scan URL
Title: Why Join USAA
Search URL Search Domain Scan URL
Title: View Available Rates and Terms
Search URL Search Domain Scan URL
Title: Get an Auto Insurance Quote
Search URL Search Domain Scan URL
Title: Retrieve Quote
Search URL Search Domain Scan URL
Title: View Rates, Fees, and other Cost Information
Search URL Search Domain Scan URL
Title: Auto Insurance
Search URL Search Domain Scan URL
Title: Get an Auto Insurance Quote
Search URL Search Domain Scan URL
Title: Retrieve Quote
Search URL Search Domain Scan URL
Title: Free Checking
Search URL Search Domain Scan URL
Title: Rate Advantage Credit Card
Search URL Search Domain Scan URL
Title: Life Insurance
Search URL Search Domain Scan URL
Title: Get a Life Insurance Quote
Search URL Search Domain Scan URL
Title: Fiscal Cliff
Search URL Search Domain Scan URL
Title: See More Life Events
Search URL Search Domain Scan URL
Title: Family Life
Search URL Search Domain Scan URL
Title: See More Life Events
Search URL Search Domain Scan URL
Title: Lifelong Benefits
Search URL Search Domain Scan URL
Title: Join USAA
Search URL Search Domain Scan URL
Title: Who can become a member?
Search URL Search Domain Scan URL
Title: Join USAA
Search URL Search Domain Scan URL
Title: Be a Part of Something Bigger
Search URL Search Domain Scan URL
Title: Why choose USAA?
Search URL Search Domain Scan URL
Title: Insurance
Search URL Search Domain Scan URL
Title: Auto Insurance
Search URL Search Domain Scan URL
Title: Home & Property Insurance
Search URL Search Domain Scan URL
Title: Life Insurance
Search URL Search Domain Scan URL
Title: Annuities
Search URL Search Domain Scan URL
Title: Additional Insurance Solutions
Search URL Search Domain Scan URL
Title: Medicare Solutions
Search URL Search Domain Scan URL
Title: Claims Center
Search URL Search Domain Scan URL
Title: Banking
Search URL Search Domain Scan URL
Title: Checking Accounts
Search URL Search Domain Scan URL
Title: Savings Account
Search URL Search Domain Scan URL
Title: Certificates of Deposit
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Home Mortgages
Search URL Search Domain Scan URL
Title: Auto Loans
Search URL Search Domain Scan URL
Title: Home Equity Products
Search URL Search Domain Scan URL
Title: Investments
Search URL Search Domain Scan URL
Title: Mutual Funds
Search URL Search Domain Scan URL
Title: IRAs
Search URL Search Domain Scan URL
Title: Brokerage Services
Search URL Search Domain Scan URL
Title: College Savings Plans
Search URL Search Domain Scan URL
Title: USAA Managed Money
Search URL Search Domain Scan URL
Title: Annuities
Search URL Search Domain Scan URL
Title: Market News & Research
Search URL Search Domain Scan URL
Title: Retirement
Search URL Search Domain Scan URL
Title: Retirement Planning
Search URL Search Domain Scan URL
Title: Rollover 401(k) or TSP
Search URL Search Domain Scan URL
Title: Getting Started
Search URL Search Domain Scan URL
Title: Growing Your Retirement
Search URL Search Domain Scan URL
Title: Living in Retirement
Search URL Search Domain Scan URL
Title: Military Retirement
Search URL Search Domain Scan URL
Title: View the Retirement Guide
Search URL Search Domain Scan URL
Title: Advice
Search URL Search Domain Scan URL
Title: Tax Center
Search URL Search Domain Scan URL
Title: Financial Planning
Search URL Search Domain Scan URL
Title: USAA Wealth Management
Search URL Search Domain Scan URL
Title: Managing Your Money
Search URL Search Domain Scan URL
Title: Ask a Financial Advisor
Search URL Search Domain Scan URL
Title: Smart Strategies
Search URL Search Domain Scan URL
Title: Visit the USAAĀ Community Hub
Search URL Search Domain Scan URL
Title: Financial AdviceĀ Community
Search URL Search Domain Scan URL
Title: Military SpouseĀ Community
Search URL Search Domain Scan URL
Title: Military VeteransĀ Community
Search URL Search Domain Scan URL
Title: I Am USAA Stories and More
Search URL Search Domain Scan URL
Title: USAA Facebook (Opens New Window)
Search URL Search Domain Scan URL
Title: USAA Twitter (Opens New Window)
Search URL Search Domain Scan URL
Title: USAA YouTube (Opens New Window)
Search URL Search Domain Scan URL
Title: Go mobile with apps and more
Search URL Search Domain Scan URL
Title: Corporate Info
Search URL Search Domain Scan URL
Title: Newsroom
Search URL Search Domain Scan URL
Title: Security & Privacy
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Title: FAQs
Search URL Search Domain Scan URL
Title: Site Terms
Search URL Search Domain Scan URL
Title:
Search URL Search Domain Scan URL
Title: its insurance, banking, investment and other companies
Search URL Search Domain Scan URL
Title: NJ Precert Information & Request Form
Search URL Search Domain Scan URL
Title: Statement of Financial Condition
Search URL Search Domain Scan URL
Title: Guide to Benefits
Search URL Search Domain Scan URL
Title: auto insurance
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://andretorretta.com.br/wp-admin/js/css/
HTTP 302
http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416 HTTP 301
http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 51- http://www.googleadservices.com/pagead/conversion/967901206/?random=1510687678467&cv=7&fst=1510687678467&num=1&fmt=3&value=0&label=oHJeCJKorwQQloDEzQM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&url=http%3A//andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/&frm=0 HTTP 302
- http://googleads.g.doubleclick.net/pagead/viewthroughconversion/967901206/?random=1902228628&cv=7&fst=*&num=1&fmt=3&value=0&label=oHJeCJKorwQQloDEzQM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&url=http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/&frm=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=vkMLWuO8HZakzAbMoLj4CQ&sscte=1 HTTP 302
- http://www.google.com/ads/conversion/967901206/?random=1902228628&cv=7&fst=*&num=1&fmt=3&value=0&label=oHJeCJKorwQQloDEzQM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&url=http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/&frm=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&cdct=2&is_vtc=1&ocp_id=vkMLWuO8HZakzAbMoLj4CQ&random=3850806710 HTTP 302
- http://www.google.de/ads/conversion/967901206/?random=1902228628&cv=7&fst=*&num=1&fmt=3&value=0&label=oHJeCJKorwQQloDEzQM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&url=http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/&frm=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&cdct=2&is_vtc=1&ocp_id=vkMLWuO8HZakzAbMoLj4CQ&random=3850806710&ipr=y&ulfeg=n HTTP 307
- https://www.google.de/ads/conversion/967901206/?random=1902228628&cv=7&fst=*&num=1&fmt=3&value=0&label=oHJeCJKorwQQloDEzQM&bg=ffffff&hl=en&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=0&u_nmime=0&url=http://andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/&frm=0&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&cdct=2&is_vtc=1&ocp_id=vkMLWuO8HZakzAbMoLj4CQ&random=3850806710&ipr=y&ulfeg=n
55 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Primary Request
Cookie set
/
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/ Redirect Chain
|
172 KB 22 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aggregator.css
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
139 KB 26 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aggregator.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logonCapsLockCheck-min.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
2 KB 906 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
exception_landing_aggregate.css
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
29 KB 6 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
navigationTreatments.css
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
17 KB 4 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
socialMediaBar_alt.css
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
7 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SpeedDetection-min.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
2 KB 708 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
transient_layer_v2-min.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
29 KB 7 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
blank.gif
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
43 B 43 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pr_pc_auto_legacycivilian_lbn.jpg
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
58 KB 58 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pr_bk_cred_rateadvantage_lbn.jpg
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
53 KB 53 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cc_advc_frdymrktcmntry_lbn.jpg
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
201 KB 201 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pubHome-smallpack-photo-1-2.jpg
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Home_3Pack_RateAdv.jpg
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
9 KB 9 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
rt_cc_advc_taxchanges_rtp.jpg
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
productBucketCarousel_usaaguide_moving.jpg
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pubHome-smallpack-photo-4-2.jpg
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
11 KB 11 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pubHome-smallpack-photo-4-3.jpg
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
15 KB 15 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
logo_ed_foundation_badge.gif
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
5 KB 5 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jsonrpc-min.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
8 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
eventmanager-min.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
608 B 317 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
json-min.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
3 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
uniccaoffersMainPage-min.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
2.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
46 KB 13 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
conversion.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
6 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
a.gif
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
42 B 42 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SocMedIcon_facebook.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SocMedIcon_twitter.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
2 KB 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SocMedIcon_youtube.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
bk_x_equal-h.gif
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
2 KB 2 KB |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
footnotes-min.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
12 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
aggregator_002.js
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Logon_files/ |
18 KB 5 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background_general_fb.png
content.usaa.com/mcontent/static_assets/Media/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
enterprise-global-navigation-sprite.png
content.usaa.com/mcontent/static_assets/Media/ |
26 KB 26 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logonError_topBorder.png
content.usaa.com/mcontent/static_assets/Media/ |
393 B 411 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubHome-banner-nav-bg-sprite_shortCarousel.png
content.usaa.com/mcontent/static_assets/Media/ |
10 KB 10 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pubHome-banner-nav-bg-sprite.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Media/ |
285 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pubHome-banner-nav-bg-sprite.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Media/ |
285 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubHome-smallpack-photo-1-1.jpg
content.usaa.com/mcontent/static_assets/Media/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
primary_arrow.gif
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Media/ |
270 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
control_sprite.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Media/ |
271 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
rt_lh_life_protect_rtp.jpg
content.usaa.com/mcontent/static_assets/Media/ |
14 KB 14 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubHome-smallpack-photo-4-1.jpg
content.usaa.com/mcontent/static_assets/Media/ |
12 KB 12 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
LogOffPage-Sprite.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Media/ |
274 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pr_bk_cfas_navpresidentsday2013_lbn.png
content.usaa.com/mcontent/static_assets/Media/ |
12 KB 12 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pr_pc_auto_navlegacycivilian_lbn.png
content.usaa.com/mcontent/static_assets/Media/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pr_bk_cred_navrateadvantage_lbn.png
content.usaa.com/mcontent/static_assets/Media/ |
13 KB 13 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cc_advc_navfrdymrktcmntry.png
content.usaa.com/mcontent/static_assets/Media/ |
8 KB 8 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pr_bk_cfas_presidentsday2013_lbn.jpg
content.usaa.com/mcontent/static_assets/Media/ |
59 KB 59 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
cta_pri_button_sprite.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Media/ |
278 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
ctaIcon_playvid_blue.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Media/ |
277 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
www.google.de/ads/conversion/967901206/ Redirect Chain
|
42 B 60 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
SocMedSprite_v5.png
andretorretta.com.br/wp-admin/js/css/2f8a43221387e2dd65b9b84e9105a416/Media/ |
272 B 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usaa-sprite-globalNav_v2.png
content.usaa.com/mcontent/static_assets/Media/ |
56 KB 56 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: USAA (Banking)0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
andretorretta.com.br/ | Name: PHPSESSID Value: 9r4ua7rt5im895057hcdubr7k7 |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
andretorretta.com.br
content.usaa.com
googleads.g.doubleclick.net
www.google.com
www.google.de
www.googleadservices.com
104.196.146.236
172.217.23.162
172.227.121.97
2a00:1450:4001:81b::2003
2a00:1450:4001:81b::2004
2a00:1450:4001:81c::2002
11bfae0db954f8a94e0aefa1dbd3419fe86645f1f780f298109240d82b310533
120a9826c16bb4b7817ab3c79289184bce0142bd7c136916e0620fbf57465d9a
1b8ddc0beb7d5b31bd256fdedf5212cb075d867c29579861dd07e78bce1d5dea
2b1aac5c25a201d7f25631ab5e1983a053cad25494445513aa58e1b51005b070
300505af0f5d7ad8422260dab9d2e2277f077fe9a966e4c9b9165b99c07c6c9b
31ff6ce0e61b75540fabc47b9e0cc905decfc2fab545e84d28009b3652dae803
32f80bbb883f8567fa488ec89e517118b736c339faef57c719b5ed1d81fa0f68
355d75d26f2f917a2f1cd1fdebf15f06daa6a3b6e36f38209f4672c685fb676f
35a0ec043b296bb83758210d296f83a93d7fc3a2b099a2b946932a623c3b7b3f
35b79499c73b2899f93c5740e275b3727639e57dacc32cbb17729deff9a9fd38
3af74e816a4648e94a9f159eb6c0356c387230c538027fdde91a1ab5da11a475
3b693fc05968a34de4a94061b2f49732d3d5a08a32f9307a999cc859571db8b9
3eb8abcac5d02ebb7c41fcebb6d1945a84328acb8b27d9d7b10c587aeacc7dce
43ff95bfec7ec1579fa4f9fc66ee1b6b4ffbc69825dea451d9e45be60952feff
445c5ac5ead3021ee8316557f7f82df9d331b27089d14dd0acf28ae0403698a2
470c770885a2abed7bb2c17b4f9ad38a7d04e015327ca8eb130a8da44d62b3c5
483997faec5e93f9db812f61bd3254a721f2829aa70a91f71d73cc5677f7b514
4938e75d890d488c37d3ae0015100ad05c19b33c04046bb5ff98db9b21642dc1
522a5fe0b1921acbaa0925b2a50fa141b0719797d5c552ffc150415c7c44d23b
5328b162caeb0fa6918650087bed97632dec9705f68ef3fa5817c6f3858267ec
58e18657c423521c465397fa240ab2c9004ee6b633aa06180daaeba421e4ec3a
5ccd54c96ba7b358a571d652cd4ccadedf7e234e30e71633fa69877ae876b5d9
66254d1ebec2d0c8c032302dce630f91eaf788c0cb32e5d1d3285593eb96d511
6a9930c85641cfe32a11d23f7e808a96c94fc7b575e439e0f9db207d758459d6
6f5f6b14c5e2c3f8a9513cb1354e9f3c13857be0834569d96d92e6746d450d61
7e78d4e080a4e03ae306a42d63ecf856eca871495891d1f7e17771a78fd1fbf9
806f5b480c880cbd6cc6ebeb9f4b99695d67ed2b8f6ea8071c15e873e4653f57
81536afe76128628e98f36cdba1dbc40551d6777e619ed5ba8ef117a0ef80a4e
8b8337b18f717f4cd44b339f216dc9ba14c9de096c33d02b5325bc61d33e97eb
8c6fa5029a9cbf57760ab020cb5211bd1f1c06c6670d94dc55a01e1f8c61bee4
9350b054ca654e01782ad904f399a25772ba37659b198ff6438d0efc1c66058e
96f8793d33d016539e8516c29c0765b679a5db52eb8c5eaa587edeba5f128a20
9e1eaf16f424479f4885984328176479448277be7e45c2819f8063aba32fea2e
9f559778d6eedc5af7c27cd12733209951c46101b1839a2cc3b22555849ff53b
9fbc598eb4b034bd73d0e6772119c7835f01c1b480fd2a616b3f3a3e3479f746
a0a6cc15948861cfda0027a36317798cd17aa83c89ffdb0648dcff6e9d44ee67
aca12517344161d2dc9c4a482bb02fbe88a386d31126a40614b64b90111cd4e2
b06ec07aacdbde145cdb76aa35b31ec5c42badd66c8edbe46fc7c2bf99de122a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b315b7eb6f92dd341ee8632bfc8229f63e0fdda70d118099200c2068ad054d1a
c0ab0ad95a8e832b5ac556a4cc1451ce08ae63ba830711b8c1a791bca4fe6e5a
caae59671a39cd84c4d1072f9ffe35c75c4bdbed3a13aeede9381c51575e43fa
cb8fa525c4dc8f3497a2ca636746615e3760281a72660a3ea2f215339efd3775
d1e027fc5fe09d2a8db42261f6b249d375c63fe0a1c141d363694cdb3338ecb3
e201c2e38da8255a673769b8dbd10ce03d6656f97118360e4735ff97917d1aaa
e2171d421fbf4f6167216f2a1979cfbb9e51da58fffc95a9ac0fa88c7329263e
e2e04a8e937f5b74a4c50cb7592a8e0bba54b40818d44e43ffd5c40c6b4fe72a
e5c339964899ca4b067a8ad495a23592256085f6c7a539b760af9380704fe310
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0e64a2d93e6f9ef035208aadbe9d0f7ea54fb9fa8efdb5be7a54b4d84c5bbb6
fd72508375d7c1648f84ff87ef2ecfb96d53ff7f0651d76f8f753de9296d2b5e
fd7af091bd7d3efce2a6e03018486d65333725e0ce8a272c4c811c6313c7875c