www.clickbankqueen.com
Open in
urlscan Pro
2606:4700:20::681a:408
Malicious Activity!
Public Scan
URL:
https://www.clickbankqueen.com/wp-admin/cs/login/otp.php
Submission: On June 12 via api from JP — Scanned from JP
Submission: On June 12 via api from JP — Scanned from JP
Summary
This website contacted 14 IPs
in 3 countries
across 9 domains to perform 72 HTTP transactions.
The main IP is 2606:4700:20::681a:408, located in
United States and
belongs to CLOUDFLARENET, US.
The main domain is www.clickbankqueen.com.
TLS certificate: Issued by GTS CA 1P5 on June 6th 2023. Valid for: 3 months.
This is the only time www.clickbankqueen.com was scanned on urlscan.io!
TLS certificate: Issued by GTS CA 1P5 on June 6th 2023. Valid for: 3 months.
This is the only time www.clickbankqueen.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)Domain & IP information
| IP Address | AS Autonomous System | ||
|---|---|---|---|
| 5 20 | 2606:4700:20:... 2606:4700:20::681a:408 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 1 | 35.172.108.248 35.172.108.248 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 6 | 3.212.104.172 3.212.104.172 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 28 | 34.198.216.104 34.198.216.104 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 3.82.80.35 3.82.80.35 | 14618 (AMAZON-AES) (AMAZON-AES) | |
| 1 | 2404:6800:400... 2404:6800:4004:826::2008 | 15169 (GOOGLE) (GOOGLE) | |
| 11 | 171.161.118.200 171.161.118.200 | 10794 (BANKAMERICA) (BANKAMERICA) | |
| 1 | 2606:4700::68... 2606:4700::6810:3865 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
| 2 | 2404:6800:400... 2404:6800:4004:81e::200e | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2404:6800:400... 2404:6800:4008:c19::9d | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2404:6800:400... 2404:6800:4004:80f::2004 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 2404:6800:400... 2404:6800:4004:81f::2003 | 15169 (GOOGLE) (GOOGLE) | |
| 1 | 13.225.165.90 13.225.165.90 | 16509 (AMAZON-02) (AMAZON-02) | |
| 72 | 14 |
20
2606:4700:20::681a:408
(United States)
ASN13335 (CLOUDFLARENET, US)
ASN13335 (CLOUDFLARENET, US)
| www.clickbankqueen.com | |
| clickbankqueen.com |
1
35.172.108.248
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-108-248.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-35-172-108-248.compute-1.amazonaws.com
| rail.bankofamerica.com |
6
3.212.104.172
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-104-172.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-212-104-172.compute-1.amazonaws.com
| boss.bankofamerica.com |
28
34.198.216.104
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-216-104.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-216-104.compute-1.amazonaws.com
| aero.bankofamerica.com |
1
3.82.80.35
(Ashburn, United States)
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-80-35.compute-1.amazonaws.com
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-82-80-35.compute-1.amazonaws.com
| dull.bankofamerica.com |
1
13.225.165.90
(United States)
ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-90.nrt12.r.cloudfront.net
ASN16509 (AMAZON-02, US)
PTR: server-13-225-165-90.nrt12.r.cloudfront.net
| awuseb.advanced-web-analytics.com |
| Apex Domain Subdomains |
Transfer | |
|---|---|---|
| 47 |
bankofamerica.com
rail.bankofamerica.com — Cisco Umbrella Rank: 22435 boss.bankofamerica.com — Cisco Umbrella Rank: 22146 aero.bankofamerica.com — Cisco Umbrella Rank: 20081 dull.bankofamerica.com — Cisco Umbrella Rank: 22238 secure.bankofamerica.com — Cisco Umbrella Rank: 14294 |
341 KB |
| 20 |
clickbankqueen.com
5 redirects
www.clickbankqueen.com clickbankqueen.com |
116 KB |
| 2 |
google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 57 |
21 KB |
| 1 |
advanced-web-analytics.com
awuseb.advanced-web-analytics.com — Cisco Umbrella Rank: 25052 |
31 KB |
| 1 |
google.co.jp
www.google.co.jp — Cisco Umbrella Rank: 20222 |
408 B |
| 1 |
google.com
www.google.com — Cisco Umbrella Rank: 3 |
408 B |
| 1 |
doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 121 |
357 B |
| 1 |
cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 1114 |
7 KB |
| 1 |
googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 75 |
47 KB |
| 72 | 9 |
| Domain | Requested by | |
|---|---|---|
| 28 | aero.bankofamerica.com |
www.clickbankqueen.com
aero.bankofamerica.com |
| 15 | www.clickbankqueen.com |
5 redirects
www.clickbankqueen.com
static.cloudflareinsights.com |
| 11 | secure.bankofamerica.com |
www.clickbankqueen.com
secure.bankofamerica.com |
| 6 | boss.bankofamerica.com |
www.clickbankqueen.com
boss.bankofamerica.com |
| 5 | clickbankqueen.com |
www.clickbankqueen.com
|
| 2 | www.google-analytics.com |
www.googletagmanager.com
www.google-analytics.com |
| 1 | awuseb.advanced-web-analytics.com |
aero.bankofamerica.com
|
| 1 | www.google.co.jp |
www.clickbankqueen.com
|
| 1 | www.google.com |
www.clickbankqueen.com
|
| 1 | stats.g.doubleclick.net |
www.google-analytics.com
|
| 1 | static.cloudflareinsights.com |
www.clickbankqueen.com
|
| 1 | www.googletagmanager.com |
www.clickbankqueen.com
|
| 1 | dull.bankofamerica.com |
www.clickbankqueen.com
|
| 1 | rail.bankofamerica.com |
www.clickbankqueen.com
|
| 72 | 14 |
This site contains links to these domains. Also see Links.
| Domain |
|---|
| www.bankofamerica.com |
| Subject Issuer | Validity | Valid | |
|---|---|---|---|
| clickbankqueen.com GTS CA 1P5 |
2023-06-06 - 2023-09-04 |
3 months | crt.sh |
| rail.bankofamerica.com Entrust Certification Authority - L1M |
2023-04-11 - 2024-05-11 |
a year | crt.sh |
| boss.bankofamerica.com Entrust Certification Authority - L1M |
2023-04-11 - 2024-05-11 |
a year | crt.sh |
| aero.bankofamerica.com Entrust Certification Authority - L1M |
2023-04-11 - 2024-05-11 |
a year | crt.sh |
| dull.bankofamerica.com Entrust Certification Authority - L1M |
2023-04-11 - 2024-05-11 |
a year | crt.sh |
| *.google-analytics.com GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
| secure.bankofamerica.com Entrust Certification Authority - L1M |
2023-05-02 - 2024-06-02 |
a year | crt.sh |
| sni.cloudflaressl.com Cloudflare Inc ECC CA-3 |
2023-04-10 - 2024-04-09 |
a year | crt.sh |
| *.g.doubleclick.net GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
| www.google.com GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
| *.google.co.jp GTS CA 1C3 |
2023-05-19 - 2023-08-11 |
3 months | crt.sh |
| *.advanced-web-analytics.com GeoTrust TLS RSA CA G1 |
2023-04-13 - 2024-05-10 |
a year | crt.sh |
This page contains 6 frames:
Primary Page:
https://www.clickbankqueen.com/wp-admin/cs/login/otp.php
Frame ID: 9431A5A22ED02C0A878EE5F31D96B4C4
Requests: 67 HTTP requests in this frame
Frame:
https://aero.bankofamerica.com/30306/suboban.html?sui=2757243bfd76bd3aebcd1eb7ce0187f28303aa7a7051d1e95e59ed6ee70aa209
Frame ID: 945A75C56FA008B4959532AB8C6AAB44
Requests: 1 HTTP requests in this frame
Frame:
https://boss.bankofamerica.com/30306/ugateway.html?si=0&e=https%3A%2F%2Fwww.clickbankqueen.com&LSESSIONID=eyJpIjoiS2lMQ1QydVBjQ3lyZnh0bnY2K216QT09IiwiZSI6ImtEWnhtXC9zc294WXFUVWtVWE1tYk5OSmpOSWVYZ3huTnZuaVM3elhyeXFRcmVCV0taM1Y0aEVIdUxHV21kVW9Ec1U2RlE4bEpQblFFellkUWZwM2lGZ0NYcTd6Tno1SytscFZnUVFWM2ZqNHFTK2RiWUFLY1VWMHZqUlkzY3VCczNma3dCU3J4bnViU1dQXC9WVE4wQzlnPT0ifQ%3D%3D.044fcfc403f5baf4.Mzc0MDdlNDhiZTk4MzBiYzcwYjcwOWI0NTdmNmQzMjk5YmEwNDNhMDNjOGY0ZDE5YzE1ZWEyNjRmMmUzNmNmYg%3D%3D&t=xframe&eu=https%3A%2F%2Fwww.clickbankqueen.com%2Fwp-admin%2Fcs%2Flogin%2Fotp.php&icid=168653184268577286
Frame ID: D87E8F95132A92B9193E05620ECB4E50
Requests: 1 HTTP requests in this frame
Frame:
https://awuseb.advanced-web-analytics.com/30306/nuadke.html?e=https%3A%2F%2Fwww.clickbankqueen.com&es=eyJpIjoiS2lMQ1QydVBjQ3lyZnh0bnY2K216QT09IiwiZSI6ImtEWnhtXC9zc294WXFUVWtVWE1tYk5OSmpOSWVYZ3huTnZuaVM3elhyeXFRcmVCV0taM1Y0aEVIdUxHV21kVW9Ec1U2RlE4bEpQblFFellkUWZwM2lGZ0NYcTd6Tno1SytscFZnUVFWM2ZqNHFTK2RiWUFLY1VWMHZqUlkzY3VCczNma3dCU3J4bnViU1dQXC9WVE4wQzlnPT0ifQ%3D%3D.044fcfc403f5baf4.Mzc0MDdlNDhiZTk4MzBiYzcwYjcwOWI0NTdmNmQzMjk5YmEwNDNhMDNjOGY0ZDE5YzE1ZWEyNjRmMmUzNmNmYg%3D%3D&re=https%3A%2F%2Fwww.clickbankqueen.com%2Fwp-admin%2Fcs%2Flogin%2Fotp.php&eu=https%3A%2F%2Fwww.clickbankqueen.com%2Fwp-admin%2Fcs%2Flogin%2Fotp.php&icid=168653184270154471
Frame ID: C6FDC24B5FD0F8FF12223D844A287381
Requests: 1 HTTP requests in this frame
Frame:
https://boss.bankofamerica.com/30306/iconnectmx.html?sui=2757243bfd76bd3aebcd1eb7ce0187f28303aa7a7051d1e95e59ed6ee70aa209
Frame ID: A1C9F685E1FD71EE370E21F49B0044C5
Requests: 1 HTTP requests in this frame
Frame:
https://aero.bankofamerica.com/30306/suboban.html?sui=2757243bfd76bd3aebcd1eb7ce0187f28303aa7a7051d1e95e59ed6ee70aa209
Frame ID: 61EB8782705E6C6BE02C1463FF33211E
Requests: 1 HTTP requests in this frame
Screenshot
Page Title
Bank of America | Online Banking | Authorization Code RequestDetected technologies
PHP
(Programming Languages)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- \.php(?:$|\?)
AppDynamics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- adrum
Cloudflare Browser Insights
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Google Analytics
(Analytics)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
Google Tag Manager
(Tag Managers)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- googletagmanager\.com/gtag/js
jQuery
(JavaScript Libraries)
Expand
Overall confidence: 100%
Detected patterns
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
3 Outgoing links
These are links going to different origins than the main page.
URL: https://www.bankofamerica.com/security-center/privacy-overview/
Title: Privacy
Title: Privacy
Search URL Search Domain Scan URL
URL: https://www.bankofamerica.com/security-center/overview/
Title: Security
Title: Security
Search URL Search Domain Scan URL
URL: https://www.bankofamerica.com/help/equalhousing-popup/
Title: Equal Housing Lender
Title: Equal Housing Lender
Search URL Search Domain Scan URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2- https://www.clickbankqueen.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/9.3/script/vipaa-v4-jawr.js HTTP 301
- https://clickbankqueen.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/9.3/script/vipaa-v4-jawr.js
- https://www.clickbankqueen.com/pa/global-assets/1.0/script/libraries/jquery-migrate-custom.js HTTP 301
- https://clickbankqueen.com/pa/global-assets/1.0/script/libraries/jquery-migrate-custom.js
- https://www.clickbankqueen.com/wp-admin/cs/login/pa/components/modules-app/VIPAA/header-vipaa-module/1.0/graphic/fsd-secure-esp-sprite.png HTTP 301
- https://clickbankqueen.com/wp-admin/cs/login/pa/components/modules-app/VIPAA/header-vipaa-module/1.0/graphic/fsd-secure-esp-sprite.png
- https://www.clickbankqueen.com/wp-admin/cs/login/pa/global-assets/1.0/graphic/buttons/gray-button-cap.png HTTP 301
- https://clickbankqueen.com/wp-admin/cs/login/pa/global-assets/1.0/graphic/buttons/gray-button-cap.png
- https://www.clickbankqueen.com/wp-admin/cs/login/pa/global-assets/1.0/graphic/buttons/gray-button-main.png HTTP 301
- https://clickbankqueen.com/wp-admin/cs/login/pa/global-assets/1.0/graphic/buttons/gray-button-main.png
- https://www.clickbankqueen.com/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff HTTP 301
- https://clickbankqueen.com/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff
- https://www.clickbankqueen.com/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf HTTP 301
- https://clickbankqueen.com/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf
72 HTTP transactions
| Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
GET H2 |
Primary Request
otp.php
www.clickbankqueen.com/wp-admin/cs/login/ |
90 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
zog6r0n5xf0RBFqkO4BMfgQEVkw.js
www.clickbankqueen.com/cdn-cgi/apps/head/ |
7 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vipaa-v4-jawr.css
www.clickbankqueen.com/wp-admin/cs/login/ded/components/bundles/gzip-compressed/xengine/VIPAA/9.3/style/ |
519 KB 69 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
vipaa-v4-jawr.js
clickbankqueen.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/9.3/script/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
hover.js
rail.bankofamerica.com/30306/ |
70 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
jquery-migrate-custom.js
clickbankqueen.com/pa/global-assets/1.0/script/libraries/ Redirect Chain
|
0 0 |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
creanza.js
boss.bankofamerica.com/30306/ |
70 KB 33 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
kurt.js
aero.bankofamerica.com/30306/ |
104 KB 47 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
dis4.js
boss.bankofamerica.com/30306/ |
68 KB 32 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
porte.js
dull.bankofamerica.com/boaa/ |
122 KB 71 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pHAQ
boss.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
js
www.googletagmanager.com/gtag/ |
120 KB 47 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
vipaa-v4-jawr-print.css
www.clickbankqueen.com/wp-admin/cs/login/ded/components/bundles/gzip-compressed/xengine/VIPAA/9.3/style/ |
11 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
C5ib
aero.bankofamerica.com/30306/ |
0 440 B |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
BofA_rgb.png
secure.bankofamerica.com/content/images/ContextualSiteGraphics/Logos/en_US/ |
38 KB 24 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
olb-2col-standard-layout.css
www.clickbankqueen.com/wp-admin/cs/login/ded/components/layouts/olb-2col-standard-layout/1.1/style/ |
377 B 682 B |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
authCodeInitialize.go
secure.bankofamerica.com/login/authcode/ |
0 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
acw-v4-jawr.css
secure.bankofamerica.com/pa/components/bundles/gzip-compressed/xengine/VIPAA/9.3/style/ |
56 KB 8 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
v52afc6f149f6479b8c77fa569edb01181681764108816
static.cloudflareinsights.com/beacon.min.js/ |
19 KB 7 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
fsd-secure-esp-sprite.png
clickbankqueen.com/wp-admin/cs/login/pa/components/modules-app/VIPAA/header-vipaa-module/1.0/graphic/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
help-qm-fsd.png
www.clickbankqueen.com/wp-admin/cs/login/pa/global-assets/1.0/graphic/ |
226 B 826 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gray-button-cap.png
clickbankqueen.com/wp-admin/cs/login/pa/global-assets/1.0/graphic/buttons/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gray-button-main.png
clickbankqueen.com/wp-admin/cs/login/pa/global-assets/1.0/graphic/buttons/ Redirect Chain
|
0 0 |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
cnx-regular.woff
clickbankqueen.com/pa/global-assets/1.0/font/cnx-regular/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
analytics.js
www.google-analytics.com/ |
51 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
www.google-analytics.com/j/ |
2 B 212 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H2 |
collect
stats.g.doubleclick.net/j/ |
7 B 357 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.com/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ga-audiences
www.google.co.jp/ads/ |
42 B 408 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
authCodeInitialize.go
secure.bankofamerica.com/login/authcode/ |
0 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
authCodeInitialize.go
secure.bankofamerica.com/login/authcode/ |
0 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
authCodeInitialize.go
secure.bankofamerica.com/login/authcode/ |
0 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
authCodeInitialize.go
secure.bankofamerica.com/login/authcode/ |
0 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET |
cnx-regular.ttf
clickbankqueen.com/pa/global-assets/1.0/font/cnx-regular/ Redirect Chain
|
0 0 |
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
authCodeInitialize.go
secure.bankofamerica.com/login/authcode/ |
0 2 KB |
Script
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gray-button-cap.png
secure.bankofamerica.com/pa/components/modules/acw-widget-module/1.8/graphic/ |
712 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
gray-button-main.png
secure.bankofamerica.com/pa/components/modules/acw-widget-module/1.8/graphic/ |
959 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H/1.1 |
fsd-arrows.png
secure.bankofamerica.com/pa/components/modules/acw-widget-module/1.8/graphic/ |
246 B 2 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gfootb-static-sprite.png
www.clickbankqueen.com/wp-admin/cs/login/pa/components/modules/global-footer-module/2.5/graphic/ |
250 B 861 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H3 |
gfoot-home-icon.png
www.clickbankqueen.com/wp-admin/cs/login/pa/components/modules/global-footer-module/2.5/graphic/ |
92 B 689 B |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
pHAQ
boss.bankofamerica.com/30306/ |
88 B 537 B |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
rum
www.clickbankqueen.com/cdn-cgi/ |
0 146 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
POST H3 |
rum
www.clickbankqueen.com/cdn-cgi/ |
0 146 B |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
suboban.html
aero.bankofamerica.com/30306/ Frame 945A |
21 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
ugateway.html
boss.bankofamerica.com/30306/ Frame D87E |
75 KB 35 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
nuadke.html
awuseb.advanced-web-analytics.com/30306/ Frame C6FD |
66 KB 31 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
iconnectmx.html
boss.bankofamerica.com/30306/ Frame A1C9 |
21 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
GET H2 |
suboban.html
aero.bankofamerica.com/30306/ Frame 61EB |
21 KB 10 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain
- clickbankqueen.com
- URL
- https://clickbankqueen.com/pa/global-assets/1.0/font/cnx-regular/cnx-regular.woff
- Domain
- clickbankqueen.com
- URL
- https://clickbankqueen.com/pa/global-assets/1.0/font/cnx-regular/cnx-regular.ttf
Verdicts & Comments Add Verdict or Comment
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)81 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 boolean| credentialless object| onbeforetoggle object| onscrollend object| Eager object| CloudflareApps object| dataLayer string| boaVIPAAuseGzippedBundles boolean| enableKeypress string| boaVIPAAjawrEnabled object| boaPageDataJS object| ttMETA function| seTTCookie function| geTTCookieVal function| readCookie undefined| ThrottleVal undefined| isSBCustomer string| runOnce undefined| img object| v object| ___sc30306 object| ___so30306 number| CLIWHIT string| PSESSIONID string| SSESSIONID string| LSESSIONID object| __tp number| __gt object| theBody string| continueURL function| myUrl object| otpWidgetInit string| pageId undefined| locale string| vipaaServer string| otpInitURL string| otp_script object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData function| aquarius object| __cfBeacon object| ____0.85583481486786510 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
| Domain/Path | Expires | Name / Value |
|---|---|---|
| www.clickbankqueen.com/ | Name: LSESSIONID Value: eyJpIjoiS2lMQ1QydVBjQ3lyZnh0bnY2K216QT09IiwiZSI6ImtEWnhtXC9zc294WXFUVWtVWE1tYk5OSmpOSWVYZ3huTnZuaVM3elhyeXFRcmVCV0taM1Y0aEVIdUxHV21kVW9Ec1U2RlE4bEpQblFFellkUWZwM2lGZ0NYcTd6Tno1SytscFZnUVFWM2ZqNHFTK2RiWUFLY1VWMHZqUlkzY3VCczNma3dCU3J4bnViU1dQXC9WVE4wQzlnPT0ifQ%3D%3D.044fcfc403f5baf4.Mzc0MDdlNDhiZTk4MzBiYzcwYjcwOWI0NTdmNmQzMjk5YmEwNDNhMDNjOGY0ZDE5YzE1ZWEyNjRmMmUzNmNmYg%3D%3D |
|
| .clickbankqueen.com/ | Name: _ga Value: GA1.2.1540020125.1686531840 |
|
| .clickbankqueen.com/ | Name: _gid Value: GA1.2.1843281524.1686531840 |
|
| .clickbankqueen.com/ | Name: _gat_gtag_UA_67295330_1 Value: 1 |
|
| .bankofamerica.com/ | Name: SPID Value: C2S1 |
|
| .bankofamerica.com/ | Name: SID Value: 001B04F9C10064867157 |
|
| www.clickbankqueen.com/ | Name: __gdic Value: lis5iidow0rf78scjo |
|
| .bankofamerica.com/ | Name: LSESSIONID Value: eyJpIjoiS2lMQ1QydVBjQ3lyZnh0bnY2K216QT09IiwiZSI6ImtEWnhtXC9zc294WXFUVWtVWE1tYk5OSmpOSWVYZ3huTnZuaVM3elhyeXFRcmVCV0taM1Y0aEVIdUxHV21kVW9Ec1U2RlE4bEpQblFFellkUWZwM2lGZ0NYcTd6Tno1SytscFZnUVFWM2ZqNHFTK2RiWUFLY1VWMHZqUlkzY3VCczNma3dCU3J4bnViU1dQXC9WVE4wQzlnPT0ifQ%3D%3D.044fcfc403f5baf4.Mzc0MDdlNDhiZTk4MzBiYzcwYjcwOWI0NTdmNmQzMjk5YmEwNDNhMDNjOGY0ZDE5YzE1ZWEyNjRmMmUzNmNmYg%3D%3D |
|
| .advanced-web-analytics.com/ | Name: LSESSIONID Value: eyJpIjoibFlsS1psWGhJZDYwWSs5am1YNjRsQT09IiwiZSI6ImluQkJzSkJSS0poMkNENE02TnRveDBtV1FcL1dxNjBUY2RMY2FyVVR0Z3Y1aUR4b1wvbldHSldmU2xQeFdVT1lWTHo0MFQzVlg1YVVSSHdFRldlUFwvekpQTU85N1lYMTNjRVwvYkNRTmtEMUxQRHpJUFc3SEtFZCtKU3ErWjVaK3BteW1LT0JEYUFRRFdYaTVjVzFOZU9wdXc9PSJ9.acc44070d61d7380.Mzc0MDdlNDhiZTk4MzBiYzcwYjcwOWI0NTdmNmQzMjk5YmEwNDNhMDNjOGY0ZDE5YzE1ZWEyNjRmMmUzNmNmYg%3D%3D |
|
| www.clickbankqueen.com/ | Name: ___r30306 Value: 0.127851503852 |
11 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
| Source | Level | URL Text |
|---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
| Header | Value |
|---|---|
| Strict-Transport-Security | max-age=0; includeSubDomains; preload |
| X-Content-Type-Options | nosniff |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
aero.bankofamerica.com
awuseb.advanced-web-analytics.com
boss.bankofamerica.com
clickbankqueen.com
dull.bankofamerica.com
rail.bankofamerica.com
secure.bankofamerica.com
static.cloudflareinsights.com
stats.g.doubleclick.net
www.clickbankqueen.com
www.google-analytics.com
www.google.co.jp
www.google.com
www.googletagmanager.com
clickbankqueen.com
13.225.165.90
171.161.118.200
2404:6800:4004:80f::2004
2404:6800:4004:81e::200e
2404:6800:4004:81f::2003
2404:6800:4004:826::2008
2404:6800:4008:c19::9d
2606:4700:20::681a:408
2606:4700::6810:3865
3.212.104.172
3.82.80.35
34.198.216.104
35.172.108.248
09e13a901930615836054e08590b149ff01a7c57274fb40558688b3eb10d26a8
0e26de59b9282770ad8f4cb23503dd5de8c26ce9e980266b341aadee2fce53fe
121c01df60b46501a789d21941b88895429e9dcccc5431c70f25efe898682e94
13a548e040a1ec08f77911fed1d559b95e5daae0ee227e632140e003c7268e7b
25fcadaae604db0e9cb1901542960b03872011628f41a83b381f45d7f40f746c
2bd7a2c113455cb6a015b33188207c2f7f5b5e7c584ce1ea4f8b0a1e990da133
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
3162751d4e669860bbf64eb91c41301524c2abb83faa18060b6ceb857e0fa3a1
4355e6bae7bea7ecebc9b386c672788dfb23fe2375a937daf63897397acb8b8f
5daebf89f554f803bca28519849d9d5277bbed296061266a2f21057497b8935f
62f14114f8b04a614501893fb992dae2a73d7b10bf012efdd5730acbf26f9bb2
6a1e8e80b53e112747f133c6a6b646631863aa1e3fd162b16c197f347b6ee57c
71828e004e9617e760d3b8d2e9e90d8b7718c20b636f9b7210574d2a2dab28ca
751a20a18afc6fa5b2d5f4c9a85e3f85b4044b9bd3b7d039bbbb7236f449bdb1
77fc1276eac919f1ae30a66ebfd62b6f9c49ffbba43baefec8204178aebd9898
82152c20ef3f55eaeeb1aa59be716961ec4eccd9c682b59f1503a523479ab31a
90d1a7f83a6b935a34486daf4d3bebf1a89532639289088374e4f2c9dc293a8d
9b1dbbdd430b4f84401e6ea62bd8372ccd00a1d2d168558ea07aa9caf6d83240
c500f5280fd940c8f6bd1573c2ba1ad42601a265c50ecb85f3ee07d0ce1fc05b
cfe1b0c8b29e2e4692756ff3a9b83422e9b16b540aa0f903c1dc2d5eeac72b3a
d82dc27884e0a1af288776818f65e539bc887c46136ff562c17b391114a0e9f8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8019a9917d93a6d6b63c8eed1a3edd59b41682c5aac99a8d8e0af1a2ae2383f
e8b62c3db41a4557ea51a89e2550027571ca8c6cfc967c5a68ef087dd7d025d3
ec8a7b5d27dd9c4cd59db1c74a73aec065c0660675f7ef26f300ab49e4bb5825
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fae07c5746430b3ff84fd96db8f5e7b0fcf54853a209bdc5bf2837b38bdfa7a3