![](/screenshots/06862ea3-c251-48a2-ae91-f0da875fc5bb.png)
updatedtos.generaldataprotection.us
Open in
urlscan Pro
64.235.61.170
Malicious Activity!
Public Scan
Effective URL: https://updatedtos.generaldataprotection.us/
Submission: On November 27 via automatic, source openphish — Scanned from US
Summary
TLS certificate: Issued by R3 on July 29th 2022. Valid for: 3 months.
This is the only time updatedtos.generaldataprotection.us was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: USAA (Banking)Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
4 18 | 64.235.61.170 64.235.61.170 | 26277 (PREMIANET) (PREMIANET) | |
3 | 192.0.78.26 192.0.78.26 | 2635 (AUTOMATTIC) (AUTOMATTIC) | |
4 | 23.192.48.129 23.192.48.129 | 16625 (AKAMAI-AS) (AKAMAI-AS) | |
1 | 2a03:2880:f01... 2a03:2880:f012:2:face:b00c:0:1 | 32934 (FACEBOOK) (FACEBOOK) | |
28 | 5 |
ASN26277 (PREMIANET, US)
PTR: singapore-datacenter.serverpoint.com
updatedtos.generaldataprotection.us |
ASN16625 (AKAMAI-AS, US)
PTR: a23-192-48-129.deploy.static.akamaitechnologies.com
content.usaa.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
18 |
generaldataprotection.us
4 redirects
updatedtos.generaldataprotection.us |
136 KB |
4 |
usaa.com
content.usaa.com — Cisco Umbrella Rank: 77997 |
89 KB |
3 |
href.li
href.li — Cisco Umbrella Rank: 92629 |
|
1 |
atdmt.com
view.atdmt.com — Cisco Umbrella Rank: 74600 |
|
28 | 4 |
Domain | Requested by | |
---|---|---|
18 | updatedtos.generaldataprotection.us |
4 redirects
updatedtos.generaldataprotection.us
|
4 | content.usaa.com |
updatedtos.generaldataprotection.us
|
3 | href.li |
updatedtos.generaldataprotection.us
|
1 | view.atdmt.com |
updatedtos.generaldataprotection.us
|
28 | 4 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.usaa.com |
mobile.usaa.com |
communities.usaa.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
updatedtos.generaldataprotection.us R3 |
2022-07-29 - 2022-10-27 |
3 months | crt.sh |
www.usaa.com DigiCert SHA2 Extended Validation Server CA |
2022-04-05 - 2023-05-06 |
a year | crt.sh |
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA |
2022-09-05 - 2022-12-04 |
3 months | crt.sh |
This page contains 3 frames:
Primary Page:
https://updatedtos.generaldataprotection.us/
Frame ID: 2D40EC2ED437D9CAF1473E3525E1E3C3
Requests: 30 HTTP requests in this frame
Frame:
https://view.atdmt.com/iaction/iwcusa_PublicHomePageLogonJumpPages_1
Frame ID: A1F0A15452FF0A857E340DD4BC1D7B1A
Requests: 1 HTTP requests in this frame
Frame:
https://updatedtos.generaldataprotection.us/files/iwcusa_PublicHomePageLogonJumpPages_1.html
Frame ID: EA1C1121C12143362704822754231402
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/06862ea3-c251-48a2-ae91-f0da875fc5bb.png)
Page Title
Insurance, Banking, Investments & Retirement | USAAPage URL History Show full URLs
-
http://updatedtos.generaldataprotection.us/
HTTP 301
https://updatedtos.generaldataprotection.us/ Page URL
Page Statistics
88 Outgoing links
These are links going to different origins than the main page.
Search URL Search Domain Scan URL
Title: View All Products
Search URL Search Domain Scan URL
Title: Insurance
Search URL Search Domain Scan URL
Title: Auto Insurance
Search URL Search Domain Scan URL
Title: Renters Insurance
Search URL Search Domain Scan URL
Title: Homeowner Insurance
Search URL Search Domain Scan URL
Title: Rental Property Insurance
Search URL Search Domain Scan URL
Title: Valuable Personal Property Insurance
Search URL Search Domain Scan URL
Title: Condo Insurance
Search URL Search Domain Scan URL
Title: Flood Insurance
Search URL Search Domain Scan URL
Title: Life Insurance
Search URL Search Domain Scan URL
Title: Annuities
Search URL Search Domain Scan URL
Title: Umbrella Insurance
Search URL Search Domain Scan URL
Title: Motorcycle, RV & Boat Insurance
Search URL Search Domain Scan URL
Title: Small Business Insurance
Search URL Search Domain Scan URL
Title: Additional Insurance Solutions
Search URL Search Domain Scan URL
Title: Banking
Search URL Search Domain Scan URL
Title: Checking Accounts
Search URL Search Domain Scan URL
Title: Savings Accounts
Search URL Search Domain Scan URL
Title: Credit Cards
Search URL Search Domain Scan URL
Title: Auto Loans
Search URL Search Domain Scan URL
Title: Car Buying Service
Search URL Search Domain Scan URL
Title: CDs
Search URL Search Domain Scan URL
Title: Home Mortgages
Search URL Search Domain Scan URL
Title: Personal Loans
Search URL Search Domain Scan URL
Title: Motorcycle, RV & Boat Loans
Search URL Search Domain Scan URL
Title: Youth Banking
Search URL Search Domain Scan URL
Title: Account Services
Search URL Search Domain Scan URL
Title: Investments
Search URL Search Domain Scan URL
Title: Brokerage & Trading
Search URL Search Domain Scan URL
Title: Mutual Funds & ETFs
Search URL Search Domain Scan URL
Title: IRAs & Rollovers
Search URL Search Domain Scan URL
Title: Education 529 Plans
Search URL Search Domain Scan URL
Title: Automated Investing
Search URL Search Domain Scan URL
Title: Plan With an Advisor
Search URL Search Domain Scan URL
Title: Real Estate
Search URL Search Domain Scan URL
Title: Mortgage Rates
Search URL Search Domain Scan URL
Title: VA Loans
Search URL Search Domain Scan URL
Title: Refinance
Search URL Search Domain Scan URL
Title: Mortgage Payment Assistance Options
Search URL Search Domain Scan URL
Title: Retirement Income
Search URL Search Domain Scan URL
Title: IRAs & Rollovers
Search URL Search Domain Scan URL
Title: Annuities
Search URL Search Domain Scan URL
Title: Long-Term Care
Search URL Search Domain Scan URL
Title: Health Insurance
Search URL Search Domain Scan URL
Title: Dental
Search URL Search Domain Scan URL
Title: Vision
Search URL Search Domain Scan URL
Title: Medicare
Search URL Search Domain Scan URL
Title: Shopping & Discounts
Search URL Search Domain Scan URL
Title: Home Solutions
Search URL Search Domain Scan URL
Title: Travel Deals
Search URL Search Domain Scan URL
Title: Online Shopping
Search URL Search Domain Scan URL
Title: Vehicle Maintenance Center
Search URL Search Domain Scan URL
Title: Advice
Search URL Search Domain Scan URL
Title: Join USAA
Search URL Search Domain Scan URL
Title: Calling from International
Search URL Search Domain Scan URL
Title: Contact & Support Center
Search URL Search Domain Scan URL
Title: Security Center
Search URL Search Domain Scan URL
Title: ATMs & Locations
Search URL Search Domain Scan URL
Title: Forgot your Online ID?
Search URL Search Domain Scan URL
Title: Forgot your Password?
Search URL Search Domain Scan URL
Title: Register with USAA
Search URL Search Domain Scan URL
Title: Security Center
Search URL Search Domain Scan URL
Title: mobile.usaa.com
Search URL Search Domain Scan URL
Title: Online ID
Search URL Search Domain Scan URL
Title: password
Search URL Search Domain Scan URL
Title: Set up online access
Search URL Search Domain Scan URL
Title: Security Center
Search URL Search Domain Scan URL
Title: JOIN ONLINE
Search URL Search Domain Scan URL
Title: Get Support. Discuss. Explore. Visit the USAA Community.
Search URL Search Domain Scan URL
Title: Financial Questions & Answers
Search URL Search Domain Scan URL
Title: GO MOBILEapps & more
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Search URL Search Domain Scan URL
Title: Corporate Info & Media
Search URL Search Domain Scan URL
Title: News Center
Search URL Search Domain Scan URL
Title: Privacy
Search URL Search Domain Scan URL
Title: Careers
Search URL Search Domain Scan URL
Title: Accessibility
Search URL Search Domain Scan URL
Title: Contact Us
Search URL Search Domain Scan URL
Title: Site Map
Search URL Search Domain Scan URL
Title: FAQs
Search URL Search Domain Scan URL
Title: Site Terms
Search URL Search Domain Scan URL
Title: Switch to mobile site
Search URL Search Domain Scan URL
Title: its insurance, banking and other companies
Search URL Search Domain Scan URL
Title: About Our Ads
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://updatedtos.generaldataprotection.us/
HTTP 301
https://updatedtos.generaldataprotection.us/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 11- https://updatedtos.generaldataprotection.us/files/footnotes-min.js HTTP 302
- https://href.li/?http://google.com/404
- https://updatedtos.generaldataprotection.us/files/screenShareIFrame-min.js HTTP 302
- https://href.li/?http://google.com/404
- https://updatedtos.generaldataprotection.us/resources/a0bb28f93f1776b194a78e6ba29585 HTTP 302
- https://href.li/?http://google.com/404
- https://updatedtos.generaldataprotection.us/Media/misc_accent_socMedia.png HTTP 302
- https://href.li/?http://google.com/404
- https://updatedtos.generaldataprotection.us/resources/a0bb28f93f1776b194a78e6ba29585 HTTP 302
- https://href.li/?http://google.com/404
28 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
updatedtos.generaldataprotection.us/ Redirect Chain
|
41 KB 11 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aggregator.css
updatedtos.generaldataprotection.us/files/ |
188 KB 35 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
socialMediaBar_alt.css
updatedtos.generaldataprotection.us/files/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
enterprise_nav_globalnav_usaalogo.svg
updatedtos.generaldataprotection.us/files/ |
11 KB 4 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ent_member_eva_cta.css
updatedtos.generaldataprotection.us/files/ |
907 B 448 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mkt_logOffJumpPageExeptions_2018.css
updatedtos.generaldataprotection.us/files/ |
3 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SocMedIcon_facebook_v2.png
updatedtos.generaldataprotection.us/files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SocMedIcon_twitter_v2.png
updatedtos.generaldataprotection.us/files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SocMedIcon_youtube_v2.png
updatedtos.generaldataprotection.us/files/ |
1 KB 1 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
SocMedIcon_more.png
updatedtos.generaldataprotection.us/files/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usaa-sprite-globalNav_v2.png
updatedtos.generaldataprotection.us/files/ |
56 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ehl-blk.svg
updatedtos.generaldataprotection.us/files/ |
4 KB 1 KB |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
href.li/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
href.li/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
a0bb28f93f1776b194a78e6ba29585
updatedtos.generaldataprotection.us/files/ |
66 KB 17 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
background_general_fb.png
content.usaa.com/mcontent/static_assets/Media/ |
3 KB 3 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
CC8B46FD41C3A5502.woff2
content.usaa.com/mcontent/static_assets/Fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
598 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
386 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
228 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
229 B 0 |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iwcusa_PublicHomePageLogonJumpPages_1
view.atdmt.com/iaction/ Frame A1F0 |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
iwcusa_PublicHomePageLogonJumpPages_1.html
updatedtos.generaldataprotection.us/files/ Frame EA1C |
161 B 233 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
href.li/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mkt_login_background.jpg
content.usaa.com/mcontent/static_assets/Media/ |
28 KB 28 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
icon-carrotNext.svg
content.usaa.com/mcontent/static_assets/Media/ |
261 B 708 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
href.li/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usaa-sprite-globalNav_v2.png
content.usaa.com/mcontent/static_assets/Media/ |
56 KB 57 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
9ECBC8FFB535D0532.woff2
content.usaa.com/mcontent/static_assets/Fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
CC8B46FD41C3A5502.woff
content.usaa.com/mcontent/static_assets/Fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
9ECBC8FFB535D0532.woff
content.usaa.com/mcontent/static_assets/Fonts/ |
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET |
/
href.li/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- content.usaa.com
- URL
- https://content.usaa.com/mcontent/static_assets/Fonts/CC8B46FD41C3A5502.woff2?cacheid=2159110100_p
- Domain
- href.li
- URL
- https://href.li/?http://google.com/404
- Domain
- content.usaa.com
- URL
- https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff2?cacheid=579254377_p
- Domain
- content.usaa.com
- URL
- https://content.usaa.com/mcontent/static_assets/Fonts/CC8B46FD41C3A5502.woff?cacheid=1373003117_p
- Domain
- content.usaa.com
- URL
- https://content.usaa.com/mcontent/static_assets/Fonts/9ECBC8FFB535D0532.woff?cacheid=2704893946_p
- Domain
- href.li
- URL
- https://href.li/?http://google.com/404
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: USAA (Banking)13 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 string| onPublicSide string| initialReferrerURL object| USAA object| screenShareIFrameURLs object| _cf object| _ac object| bmak string| _sd_trace function| op0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
14 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
content.usaa.com
href.li
updatedtos.generaldataprotection.us
view.atdmt.com
content.usaa.com
href.li
192.0.78.26
23.192.48.129
2a03:2880:f012:2:face:b00c:0:1
64.235.61.170
1542ec32f64035b115848f44b6e91f5da630b87b9e1319f835a48a373c26aa83
4bc8ea3a93fc322d39b10ecdde7165b9a000ae136e54438322ccd4c7fb374732
4fc8916feada75f055aca704caf4a952f016e2a4770b29ad7ed949d8eaa5e691
522a5fe0b1921acbaa0925b2a50fa141b0719797d5c552ffc150415c7c44d23b
5f1240d9a48677ff4ad738fd1a160ae8683e1fd28915c77c91723d2de0b5a341
5f37758ffd7d456a020ad4400fbb49598ce23e634add3d6704ab69973bc823df
61e8a805163515bc3f9e456d6a414bf6b45e8ff4d9df9a90ef3ec24cf4b10ef2
65708352cb57de1def639834f293cd6df58c703e9d6a530c84b420825fa2d76d
a2c2ff5cb4832e293e651e96eb0262b4d794639100502a78adc464ee4a62032e
ad5980cb9d5ad82571e49366d26c086e2c2bbe7efe6feb729c12f9594948ba21
addc813a38abb640e0eee1deec3c738b0e21df75591ed409334fbf56974165ec
c9f4a580494365cddc8105e91fd47b03befa8ff569bd10ed24458f3b4c56de04
d1886043ac668fcd2ccb7019ba9b35ef16f7d0c3db9d9dedf3862b036a4ae2d3
d317c2e6324cdd35249a3d5b6370b68d5b018fdddecc1dec0b9660f2affff0bd
d931feed1c11132e01563804eb9c3dc5b55c3d71a637621bfa35598261a6b1d3
ddaa6ef7466b6e224c834f62c39b381044760a5fe06238ba09b3a0b1a5e6525c
e2e04a8e937f5b74a4c50cb7592a8e0bba54b40818d44e43ffd5c40c6b4fe72a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e71a48d99cc509ca0d2108ccfec7802c98f41a37b772c1ebb034374fa84909fa
e9a681648676dcb7d958f77bed911c7a8a30dabe8ef0265b5ee894205c8aef60
f9f6ed1bb766e4bfe7f765ca940d3e0cafab3099f422b2a8d63d31096eefe862
fda9dc9b1feb432da051add9ca8ccdcdedfe460e5e1be4df5f3d17e0bde69c87