comparability-daewoo.vantechdns.com
162.241.115.6
Malicious Activity!
Public Scan
Submission: On April 26 via automatic, source openphish — Scanned from DE
Summary
This is the only time comparability-daewoo.vantechdns.com was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: Bank of America (Banking)
Domain & IP information
Requests | IP Address | AS (Autonomous System) |
---|---|---|
4 | 162.241.115.6 | 19871 (NETWORK-SOLUTIONS-HOSTING) |
1 | 54.144.151.173 | 14618 (AMAZON-AES) |
32 (16 redirects) | 2600:9000:238d:f200:7:2bfb:7c00:93a1 | 16509 (AMAZON-02) |
15 | 192.229.133.92 | 15133 (EDGECAST) |
1 | 52.31.11.204 | 16509 (AMAZON-02) |
1 | 52.7.40.116 | 14618 (AMAZON-AES) |
3 | 3.228.183.83 | 14618 (AMAZON-AES) |
1 | 107.20.34.64 | 14618 (AMAZON-AES) |
1 | 63.140.62.135 | 15224 (OMNITURE) |
2 | 2001:4de0:ac18::1:a:2a | 20446 (STACKPATH-CDN) |
2 | 2606:4700::6811:190e | 13335 (CLOUDFLARENET) |
1 | 2606:4700::6812:bcf | 13335 (CLOUDFLARENET) |
1 | 152.199.19.160 | 15133 (EDGECAST) |
1 | 184.30.129.194 | 16625 (AKAMAI-AS) |
61 | 15 | |
Hostname | ASN | PTR |
---|---|---|
comparability-daewoo.vantechdns.com | ASN19871 (NETWORK-SOLUTIONS-HOSTING, US) | 162-241-115-6.webhostbox.net |
sofa.bankofamerica.com | ASN14618 (AMAZON-AES, US) | ec2-54-144-151-173.compute-1.amazonaws.com |
dpm.demdex.net | ASN16509 (AMAZON-02, US) | ec2-52-31-11-204.eu-west-1.compute.amazonaws.com |
rail.bankofamerica.com | ASN14618 (AMAZON-AES, US) | ec2-52-7-40-116.compute-1.amazonaws.com |
aero.bankofamerica.com | ASN14618 (AMAZON-AES, US) | ec2-3-228-183-83.compute-1.amazonaws.com |
dull.bankofamerica.com | ASN14618 (AMAZON-AES, US) | ec2-107-20-34-64.compute-1.amazonaws.com |
smetrics.bankofamerica.com | ASN15224 (OMNITURE, US) | ip-63-140-62-135.data.adobedc.net |
public.cobrowse.oraclecloud.com | ASN16625 (AKAMAI-AS, US) | a184-30-129-194.deploy.static.akamaitechnologies.com |
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
32 (16 redirects) | tiqcdn.com | tags.tiqcdn.com — Cisco Umbrella Rank: 1219 | 231 KB |
15 | bac-assets.com | secure2.bac-assets.com — Cisco Umbrella Rank: 830165 | 316 KB |
7 | bankofamerica.com | sofa.bankofamerica.com — Cisco Umbrella Rank: 11390; secure.bankofamerica.com (Failed); rail.bankofamerica.com — Cisco Umbrella Rank: 28863; aero.bankofamerica.com — Cisco Umbrella Rank: 25261; dull.bankofamerica.com — Cisco Umbrella Rank: 27719; smetrics.bankofamerica.com — Cisco Umbrella Rank: 28154 | 155 KB |
4 | vantechdns.com | comparability-daewoo.vantechdns.com | 2 MB |
2 | cloudflare.com | cdnjs.cloudflare.com — Cisco Umbrella Rank: 344 | 12 KB |
2 | jquery.com | code.jquery.com — Cisco Umbrella Rank: 997 | 53 KB |
1 | oraclecloud.com | public.cobrowse.oraclecloud.com — Cisco Umbrella Rank: 30422 | 12 KB |
1 | aspnetcdn.com | ajax.aspnetcdn.com — Cisco Umbrella Rank: 3961 | 30 KB |
1 | bootstrapcdn.com | stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 3240 | 15 KB |
1 | demdex.net | dpm.demdex.net — Cisco Umbrella Rank: 277 | 782 B |
61 | 10 | | |
Requests | Domain | Requested by |
---|---|---|
32 (16 redirects) | tags.tiqcdn.com | comparability-daewoo.vantechdns.com |
15 | secure2.bac-assets.com | comparability-daewoo.vantechdns.com |
4 | comparability-daewoo.vantechdns.com | comparability-daewoo.vantechdns.com |
3 | aero.bankofamerica.com | comparability-daewoo.vantechdns.com |
2 | cdnjs.cloudflare.com | comparability-daewoo.vantechdns.com |
2 | code.jquery.com | comparability-daewoo.vantechdns.com |
1 | public.cobrowse.oraclecloud.com | comparability-daewoo.vantechdns.com |
1 | ajax.aspnetcdn.com | comparability-daewoo.vantechdns.com |
1 | stackpath.bootstrapcdn.com | comparability-daewoo.vantechdns.com |
1 | smetrics.bankofamerica.com | comparability-daewoo.vantechdns.com |
1 | dull.bankofamerica.com | comparability-daewoo.vantechdns.com |
1 | rail.bankofamerica.com | comparability-daewoo.vantechdns.com |
1 | dpm.demdex.net | tags.tiqcdn.com |
1 | sofa.bankofamerica.com | comparability-daewoo.vantechdns.com |
0 | secure.bankofamerica.com (Failed) | comparability-daewoo.vantechdns.com |
61 | 15 | |
This site contains links to these domains. Also see Links.
Domain |
---|
www.bankofamerica.com |
Subject | Issuer | Validity | Valid |
---|---|---|---|
secure2.bac-assets.com | Entrust Certification Authority - L1M | 2022-11-28 - 2023-12-19 | a year |
*.demdex.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-09-26 - 2023-10-27 | a year |
rail.bankofamerica.com | Entrust Certification Authority - L1M | 2023-04-11 - 2024-05-11 | a year |
aero.bankofamerica.com | Entrust Certification Authority - L1M | 2023-04-11 - 2024-05-11 | a year |
dull.bankofamerica.com | Entrust Certification Authority - L1M | 2023-04-11 - 2024-05-11 | a year |
smetrics.bankofamerica.com | Entrust Certification Authority - L1M | 2022-10-21 - 2023-10-21 | a year |
*.jquery.com | Sectigo RSA Domain Validation Secure Server CA | 2022-08-03 - 2023-07-14 | a year |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2022-08-03 - 2023-08-02 | a year |
*.vo.msecnd.net | DigiCert SHA2 Secure Server CA | 2022-07-11 - 2023-07-11 | a year |
*.cobrowse.oraclecloud.com | DigiCert TLS RSA SHA256 2020 CA1 | 2022-11-01 - 2023-11-04 | a year |
This page contains 2 frames:
Primary Page:
http://comparability-daewoo.vantechdns.com/secure/boa.com/indexr.html
Frame ID: 7BE7C29B03388C372F0EFCE093FB37B3
Requests: 60 HTTP requests in this frame
Frame:
https://public.cobrowse.oraclecloud.com/rely/storage/ll_storage_html5.html?context=4hgj23291jrl99jx0t6&version=20220914
Frame ID: 3CCE267740B2E8EE1479486F18959D23
Requests: 1 HTTP requests in this frame
Page Title
Bank of America | Online Banking | User ID & Password Incorrect
Detected technologies
Bootstrap (Web Frameworks)
Detected patterns
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
RequireJS (JavaScript Frameworks)
Detected patterns
- require.*\.js
Popper (Miscellaneous)
Detected patterns
- /popper\.js/([0-9.]+)
jQuery (JavaScript Libraries)
Detected patterns
- jquery[.-]([\d.]*\d)[^/]*\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
5 Outgoing links
These are links going to different origins than the main page.
Title: Secure Area
Title: Privacy
Title: Security
Title: Equal Housing Lender
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.js HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.js
- http://tags.tiqcdn.com/dle/bofa/main/prod-_-olb-tool-multi-forgot-id-passcode.js HTTP 301
- https://tags.tiqcdn.com/dle/bofa/main/prod-_-olb-tool-multi-forgot-id-passcode.js
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.21.js?utv=ut4.48.202205202119 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.21.js?utv=ut4.48.202205202119
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.35.js?utv=ut4.48.202205202119 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.35.js?utv=ut4.48.202205202119
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.36.js?utv=ut4.48.202205202119 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.36.js?utv=ut4.48.202205202119
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.37.js?utv=ut4.48.202205202119 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.37.js?utv=ut4.48.202205202119
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.38.js?utv=ut4.48.202208192138 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.38.js?utv=ut4.48.202208192138
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.42.js?utv=ut4.48.202205202119 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.42.js?utv=ut4.48.202205202119
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.55.js?utv=ut4.48.202208192138 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.55.js?utv=ut4.48.202208192138
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.65.js?utv=ut4.48.202205202119 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.65.js?utv=ut4.48.202205202119
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.72.js?utv=ut4.48.202205202119 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.72.js?utv=ut4.48.202205202119
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.76.js?utv=ut4.48.202208192138 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.76.js?utv=ut4.48.202208192138
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.62.js?utv=ut4.48.202205202119 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.62.js?utv=ut4.48.202205202119
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.102.js?utv=ut4.48.202208192138 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.102.js?utv=ut4.48.202208192138
- http://tags.tiqcdn.com/utag/bofa/main/prod/utag.108.js?utv=ut4.48.202302230507 HTTP 301
- https://tags.tiqcdn.com/utag/bofa/main/prod/utag.108.js?utv=ut4.48.202302230507
- http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bofa/main/202303030007&cb=1682517924835 HTTP 301
- https://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bofa/main/202303030007&cb=1682517924835
61 HTTP transactions
Method | Protocol | Resource | Path | Size | Transfer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | indexr.html | comparability-daewoo.vantechdns.com/secure/boa.com/ | 2 MB | 2 MB | Document | text/html | Primary Request |
GET | H/1.1 | cookie-id.js | sofa.bankofamerica.com/ | 65 B | 315 B | Script | application/x-javascript | |
GET | H2 | utag.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 324 KB | 62 KB | Script | application/javascript | Redirect Chain |
GET | H2 | babel-polyfill.js | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/platform/ | 96 KB | 32 KB | Script | application/x-javascript | |
GET | H/1.1 | id | dpm.demdex.net/ | 83 B | 782 B | XHR | application/json | |
GET | H2 | prod-_-olb-tool-multi-forgot-id-passcode.js | tags.tiqcdn.com/dle/bofa/main/ | 3 B | 411 B | Script | application/javascript | Redirect Chain |
GET | H2 | require.js | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/vendor/require/2.2.0/js/ | 25 KB | 8 KB | Script | application/x-javascript | |
GET | H2 | fetch.js | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/vendor/fetch/2.0.3/js/ | 10 KB | 3 KB | Script | application/x-javascript | |
GET | H2 | require-css.js | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/vendor/require-css/0.1.8/js/ | 3 KB | 1 KB | Script | application/x-javascript | |
GET | | cau-forgot.js | secure.bankofamerica.com/pa/components/utilities/ah-continuous-auth-util/1.1/deploy/ | 0 | 0 | | | |
GET | H2 | hover.js | rail.bankofamerica.com/30306/ | 70 KB | 33 KB | Script | application/x-javascript | |
GET | H2 | utag.21.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 15 KB | 4 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.35.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 50 KB | 16 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.36.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 25 KB | 6 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.37.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 8 KB | 3 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.38.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 67 KB | 12 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.42.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 17 KB | 5 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.55.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 32 KB | 8 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.65.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 55 KB | 12 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.72.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 8 KB | 3 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.76.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 109 KB | 40 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.62.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 138 KB | 44 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.102.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 9 KB | 3 KB | Script | application/javascript | Redirect Chain |
GET | | iac | secure.bankofamerica.com/login/rest/sas/sparta/ | 0 | 0 | | | |
GET | H2 | kurt.js | aero.bankofamerica.com/30306/ | 104 KB | 47 KB | Script | application/x-javascript | |
GET | H2 | porte.js | dull.bankofamerica.com/boaa/ | 126 KB | 74 KB | Script | application/x-javascript | |
GET | H2 | C5ib | aero.bankofamerica.com/30306/ | 0 | 440 B | Script | text/html | |
GET | H2 | C5ib | aero.bankofamerica.com/30306/ | 0 | 440 B | Script | text/html | |
GET | H/1.1 | style.css | comparability-daewoo.vantechdns.com/secure/boa.com/media/ | 414 B | 655 B | Stylesheet | text/css | |
GET | H2 | assets-images-global-logos-BofA_rgb-CSX5624a146.svg | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 3 KB | 2 KB | Image | image/svg+xml | |
GET | H2 | assets-images-site-secure-ah-forgot-common-BofA_symbol_rgb-CSX33067442.svg | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | H2 | assets-images-site-secure-ah-forgot-common-loader_black-CSX85ecad56.gif | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 4 KB | 4 KB | Image | image/gif | |
GET | H2 | assets-images-site-secure-ah-forgot-common-com_cvv1@2x-CSXec3bc565.png | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 43 KB | 44 KB | Image | image/png | |
GET | H2 | assets-images-site-secure-ah-forgot-common-com_cvv2@2x-CSX5f638a68.png | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 62 KB | 62 KB | Image | image/png | |
GET | H2 | assets-images-site-login-common-com_cvv1@2x-CSXec3bc565.png | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 43 KB | 44 KB | Image | image/png | |
GET | H2 | assets-images-site-login-common-com_cvv2@2x-CSX5f638a68.png | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 62 KB | 62 KB | Image | image/png | |
GET | H2 | assets-images-global-header-lock-CSX1f35fd71.png | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 51 KB | 51 KB | Image | image/png | |
GET | H2 | assets-images-global-footer-eha_logo_1x-CSXc5bd9130.png | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 343 B | 428 B | Image | image/png | |
GET | H2 | s1665816141939 | smetrics.bankofamerica.com/b/ss/baamprod/5/boaCustom041918a/ | 43 B | 372 B | Image | image/gif | |
GET | H/1.1 | loading.gif | comparability-daewoo.vantechdns.com/secure/boa.com/media/ | 38 KB | 38 KB | Image | image/gif | |
GET | H2 | jquery-3.2.1.min.js | code.jquery.com/ | 85 KB | 30 KB | Script | application/javascript | |
GET | H2 | jquery-3.3.1.slim.min.js | code.jquery.com/ | 68 KB | 24 KB | Script | application/javascript | |
GET | H2 | popper.min.js | cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/ | 20 KB | 7 KB | Script | application/javascript | |
GET | H2 | bootstrap.min.js | stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/ | 49 KB | 15 KB | Script | application/javascript | |
GET | H2 | jquery-3.3.1.min.js | ajax.aspnetcdn.com/ajax/jQuery/ | 85 KB | 30 KB | Script | application/javascript | |
GET | H2 | jquery.mask.js | cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/ | 20 KB | 5 KB | Script | application/javascript | |
GET | H/1.1 | actions.js | comparability-daewoo.vantechdns.com/secure/boa.com/media/ | 1 KB | 2 KB | Script | application/javascript | |
GET | H2 | assets-images-global-header-secure-lock-CSXa09bf5fc.svg | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 353 B | 345 B | Image | image/svg+xml | |
GET | H2 | assets-images-global-title-flagscape_red-CSX345e7fd7.svg | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/images/ | 2 KB | 1 KB | Image | image/svg+xml | |
GET | | cnx-regular.woff2 | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ | 0 | 0 | | | |
GET | | cnx-bold.woff2 | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-bold/ | 0 | 0 | | | |
GET | | cnx-medium.woff2 | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ | 0 | 0 | | | |
GET | | cnx-regular.woff | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ | 0 | 0 | | | |
GET | | cnx-medium.woff | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ | 0 | 0 | | | |
GET | | cnx-bold.woff | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-bold/ | 0 | 0 | | | |
GET | H2 | ll_storage_html5.html | public.cobrowse.oraclecloud.com/rely/storage/ | 43 KB | 12 KB | Document | text/html | Frame 3CCE |
GET | | cnx-medium.ttf | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/ | 0 | 0 | | | |
GET | | cnx-regular.ttf | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/ | 0 | 0 | | | |
GET | | cnx-bold.ttf | secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-bold/ | 0 | 0 | | | |
GET | H2 | utag.108.js | tags.tiqcdn.com/utag/bofa/main/prod/ | 10 KB | 3 KB | Script | application/javascript | Redirect Chain |
GET | H2 | utag.v.js | tags.tiqcdn.com/utag/tiqapp/ | 2 B | 429 B | Script | application/javascript | Redirect Chain |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
Domain | URL |
---|---|
secure.bankofamerica.com | https://secure.bankofamerica.com/pa/components/utilities/ah-continuous-auth-util/1.1/deploy/cau-forgot.js |
secure.bankofamerica.com | https://secure.bankofamerica.com/login/rest/sas/sparta/iac |
secure2.bac-assets.com | https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff2 |
secure2.bac-assets.com | https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-bold/cnx-bold.woff2 |
secure2.bac-assets.com | https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff2 |
secure2.bac-assets.com | https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.woff |
secure2.bac-assets.com | https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.woff |
secure2.bac-assets.com | https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-bold/cnx-bold.woff |
secure2.bac-assets.com | https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-medium/cnx-medium.ttf |
secure2.bac-assets.com | https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-regular/cnx-regular.ttf |
secure2.bac-assets.com | https://secure2.bac-assets.com/sparta/auth/forgot/spa-assets/components/utilities/global/sparta-style-utility/3.2.4/font/cnx-bold/cnx-bold.ttf |
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: Bank of America (Banking)
301 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
comparability-daewoo.vantechdns.com/ | Name: LSESSIONID Value: eyJpIjoiemY4WWFtRG5KQ0R0TkdiMHFSYWFMdz09IiwiZSI6IlwvRHVhdnlHY2YrRUNPM1RiZVFjc2RVQlQraU9IbVFaRU9xajlHQXg1T0ZzcjNVYWUyQTk4SEJoZVFxbUl5dTFIYjE0QmlJdnhXaXduRHpwcDFvSnpjem9CMEk4Y01FRnhmTWl1RUdHaEUzUWJQaWhDdU9wWHowNFQ1eVM5VUMwQ0srZE9HZmtVb1BYTDQrVzRDWFBUUWc9PSJ9.3193e34b1f2b7530.NDk2OTExMmVhYmEzYjQ3NGI2NTgxNzViNGE0MDA3YjZmYWJmOTBjZTNiNjc1YTZjMTBmMDEyMGUxYzJmM2E5ZA%3D%3D |
18 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.