ba-6r5aq.ondigitalocean.app Open in urlscan Pro
2606:4700::6810:f44e  Malicious Activity! Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request login Show response ba-6r5aq.ondigitalocean.app/	14 KB 4 KB	586ms 526ms	Document text/html	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 593f7cf113cbaf9d601a6a7447a44674b584ec01b32e4d822f98a744fa9886d9 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers cache-control private cf-cache-status MISS cf-ray 7520c8429ef09be8-FRA content-encoding br content-type text/html; charset=utf-8 date Thu, 29 Sep 2022 01:00:31 GMT server cloudflare vary Accept-Encoding x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 x-powered-by Next.js
GET H2	200	20285528fc0664fd.css ba-6r5aq.ondigitalocean.app/_next/static/css/	465 KB 64 KB	901ms 899ms	Stylesheet text/css	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/css/20285528fc0664fd.css Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 47706b3d3e8c19fa3ac752ec25a2a2a536d9025922c98cdafa85ec8a213223e6 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"74531-49773873e8" vary Accept-Encoding content-type text/css; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8460a8a9be8-FRA
GET H2	200	webpack-bb469f829a664d48.js Show response ba-6r5aq.ondigitalocean.app/_next/static/chunks/	2 KB 1 KB	491ms 490ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/chunks/webpack-bb469f829a664d48.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5dfe185409ff8cc0e73ea870cbefbcdac38297bbfa69c545686e536f7c51fa64 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"891-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8460a8b9be8-FRA
GET H2	200	framework-9b5d6ec4444c80fa.js Show response ba-6r5aq.ondigitalocean.app/_next/static/chunks/	138 KB 45 KB	855ms 851ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/chunks/framework-9b5d6ec4444c80fa.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1aee3a5f0c4b6735edff60d58f20a936ce11e5d4a36a5a76390aeda043ae4048 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"228c5-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8466add9be8-FRA
GET H2	200	main-3123a443c688934f.js Show response ba-6r5aq.ondigitalocean.app/_next/static/chunks/	102 KB 31 KB	684ms 680ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/chunks/main-3123a443c688934f.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0eed4542b90a01be928023ec3dc7abed45c63ffc8067a496863ecef579d4af9f Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"199f6-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8466ade9be8-FRA
GET H2	200	_app-20b73962947f98fc.js Show response ba-6r5aq.ondigitalocean.app/_next/static/chunks/pages/	1 KB 697 B	542ms 538ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/chunks/pages/_app-20b73962947f98fc.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0c34151d923447a6c89471c6c94f630297651f6971391e2a9e43bb1995904dd5 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"4e6-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8466adf9be8-FRA
GET H2	200	378-7f91520e427c4e29.js Show response ba-6r5aq.ondigitalocean.app/_next/static/chunks/	44 KB 15 KB	712ms 709ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/chunks/378-7f91520e427c4e29.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 648c8ca970b06c87695f59b11c03246440c3bdd9a12b3e61a356d2057e3180fc Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"b13a-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8466ae19be8-FRA
GET H2	200	107-8eb7cb37ed7e8331.js Show response ba-6r5aq.ondigitalocean.app/_next/static/chunks/	78 KB 27 KB	713ms 710ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/chunks/107-8eb7cb37ed7e8331.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 19f368dc92da70f236d853c51baf78ce455f9893248ef03131b795e052ac0574 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"136f5-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8466ae39be8-FRA
GET H2	200	443-62dd299028d36af5.js Show response ba-6r5aq.ondigitalocean.app/_next/static/chunks/	18 KB 7 KB	544ms 541ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/chunks/443-62dd299028d36af5.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash dca7d358b9ba49b60befdb37a28ff4be77c5581efc284ab556a25ca3f7a0dc20 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"4926-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8466ae49be8-FRA
GET H2	200	login-c798220c09769b78.js Show response ba-6r5aq.ondigitalocean.app/_next/static/chunks/pages/	214 KB 36 KB	661ms 659ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/chunks/pages/login-c798220c09769b78.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2d2a55f3eb6c4b424702cdd740c82baf1105bfe96add0a6725730a4318dd86c Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"356e3-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8466ae59be8-FRA
GET H2	200	_buildManifest.js Show response ba-6r5aq.ondigitalocean.app/_next/static/hjfUMZcZ6o7ijh8eO9w3M/	2 KB 853 B	531ms 529ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/hjfUMZcZ6o7ijh8eO9w3M/_buildManifest.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cebbb1861367b5216aa6dd9468a629d3d107403d79834fa43b6ae3c391064089 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"87e-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8466ae69be8-FRA
GET H2	200	_ssgManifest.js Show response ba-6r5aq.ondigitalocean.app/_next/static/hjfUMZcZ6o7ijh8eO9w3M/	76 B 123 B	497ms 495ms	Script application/javascript	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://ba-6r5aq.ondigitalocean.app/_next/static/hjfUMZcZ6o7ijh8eO9w3M/_ssgManifest.js Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT content-encoding br cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"4c-49773873e8" vary Accept-Encoding content-type application/javascript; charset=UTF-8 cache-control public, max-age=31536000, immutable cf-ray 7520c8466ae79be8-FRA
GET H2	200	BofA_rgb.png ba-6r5aq.ondigitalocean.app/images/	38 KB 39 KB	650ms 649ms	Image image/png	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ba-6r5aq.ondigitalocean.app/images/BofA_rgb.png Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"99fe-49773873e8" vary Accept-Encoding content-type image/png cache-control public, max-age=0 accept-ranges bytes cf-ray 7520c8466ae89be8-FRA content-length 39422
GET H2	200	mobile_llama.png ba-6r5aq.ondigitalocean.app/images/	19 KB 19 KB	375ms 373ms	Image image/png	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ba-6r5aq.ondigitalocean.app/images/mobile_llama.png Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:31 GMT cf-cache-status MISS last-modified Tue, 01 Jan 1980 00:00:01 GMT server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 200 etag W/"4adf-49773873e8" vary Accept-Encoding content-type image/png cache-control public, max-age=0 accept-ranges bytes cf-ray 7520c8468b0d9be8-FRA content-length 19167
GET H2	404	aps-mobile-products-icon-sprite-dev.png ba-6r5aq.ondigitalocean.app/content/images/ContextualSiteGraphics/Instructional/en_US/	2 KB 2 KB	521ms 521ms	Image text/html	2606:4700::6810:f44e CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://ba-6r5aq.ondigitalocean.app/content/images/ContextualSiteGraphics/Instructional/en_US/aps-mobile-products-icon-sprite-dev.png Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/login Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:f44e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Next.js Resource Hash 7bf9d2c4cbd723f9f37d6e4f2305da85f0afe7927e52f8ba6a17d506829f7884 Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/login User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers date Thu, 29 Sep 2022 01:00:32 GMT content-encoding br cf-cache-status MISS server cloudflare x-do-app-origin eceb4dd4-701f-49ae-9d95-ea992da3a85c x-do-orig-status 404 x-powered-by Next.js vary Accept-Encoding content-type text/html; charset=utf-8 cache-control private cf-ray 7520c84bb8c09be8-FRA
GET H/1.1	200 OK	fsd-secure-esp-sprite.png secure.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/	473 B 2 KB	1363ms 172ms	Image image/png	171.161.102.200 BANKAMERICA
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/pa/components/modules/header-module/2.8/graphic/fsd-secure-esp-sprite.png Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/_next/static/css/20285528fc0664fd.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 171.161.102.200 , United States, ASN10794 (BANKAMERICA, US), Reverse DNS Software / Resource Hash 8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01 Security Headers Name Value Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Date Thu, 29 Sep 2022 01:00:33 GMT Last-Modified Tue, 16 Aug 2022 08:48:42 GMT Age 762 ETag "1d9-5e657d0c8c396" X-BOA-RequestID YzSBoVOghbUnzAqIxsp80wAAAJI X-Serviced-By MCZKHc5ndf/YHB0pfbdZRA==--EiAFQKGjhH86GcB5DeqC2Q== Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=487 Content-Length 473
GET H/1.1	200 OK	help-qm-fsd.png secure.bankofamerica.com/pa/global-assets/1.0/graphic/	3 KB 5 KB	1369ms 174ms	Image image/png	171.161.102.200 BANKAMERICA
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/pa/global-assets/1.0/graphic/help-qm-fsd.png Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/_next/static/css/20285528fc0664fd.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 171.161.102.200 , United States, ASN10794 (BANKAMERICA, US), Reverse DNS Software / Resource Hash e1ac56ae25629e508f729b799d563d71920902a4cb26cf3bb602beb3e368775e Security Headers Name Value Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Date Thu, 29 Sep 2022 01:00:33 GMT Age 120 X-BOA-RequestID YzTfpTYVuuc5FnQ43a1smgAAAN0 X-Serviced-By OV1UYPGGYRVPEzbVZ/dfeQ==--n9msiBQK4Q3Ic2IAbHsKJw== Connection Keep-Alive Content-Length 3243 Last-Modified Tue, 16 Aug 2022 09:03:59 GMT ETag "c94-5e658076c55d3" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000 Accept-Ranges bytes Keep-Alive timeout=40, max=342 Expires Fri, 29 Sep 2023 00:58:34 GMT
GET H/1.1	200 OK	sign-in-sprite.png secure.bankofamerica.com/pa/global-assets/1.0/graphic/	3 KB 5 KB	1371ms 174ms	Image image/png	171.161.102.200 BANKAMERICA
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/pa/global-assets/1.0/graphic/sign-in-sprite.png Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/_next/static/css/20285528fc0664fd.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 171.161.102.200 , United States, ASN10794 (BANKAMERICA, US), Reverse DNS Software / Resource Hash 2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c Security Headers Name Value Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Encoding gzip Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Date Thu, 29 Sep 2022 01:00:33 GMT Age 121 X-BOA-RequestID YzTfpAGfilmDhtt3n2RsDgAAAM0 X-Serviced-By Mz3Q1J/7vWafghLQsEtJhg==--PxG6UQGokj586Na51M60ow== Connection Keep-Alive Content-Length 3142 Last-Modified Tue, 16 Aug 2022 09:04:08 GMT ETag "c2f-5e65807f90d15" Vary Accept-Encoding Content-Type image/png Cache-Control max-age=31536000 Accept-Ranges bytes Keep-Alive timeout=40, max=500 Expires Fri, 29 Sep 2023 00:58:33 GMT
GET H/1.1	200 OK	gfootb-static-sprite.png secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/	48 KB 49 KB	1547ms 349ms	Image image/png	171.161.102.200 BANKAMERICA
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfootb-static-sprite.png Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/_next/static/css/20285528fc0664fd.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 171.161.102.200 , United States, ASN10794 (BANKAMERICA, US), Reverse DNS Software / Resource Hash ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4 Security Headers Name Value Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Date Thu, 29 Sep 2022 01:00:33 GMT Last-Modified Tue, 16 Aug 2022 08:47:38 GMT Age 831 ETag "be1b-5e657ccf790c0" X-BOA-RequestID Yy9x-FbC8JqbFW7_dPx-0QAAAWU X-Serviced-By 8+sVjgFlmLVUighXY0Fj9g==--EiAFQKGjhH86GcB5DeqC2Q== Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=447 Content-Length 48667
GET H/1.1	200 OK	gfoot-home-icon.png secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/	144 B 1 KB	1373ms 174ms	Image image/png	171.161.102.200 BANKAMERICA
General Check archive.org Show headers Download Go to Show image Full URL https://secure.bankofamerica.com/pa/components/modules/global-footer-module/2.5/graphic/gfoot-home-icon.png Requested by Host: ba-6r5aq.ondigitalocean.app URL: https://ba-6r5aq.ondigitalocean.app/_next/static/css/20285528fc0664fd.css Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 171.161.102.200 , United States, ASN10794 (BANKAMERICA, US), Reverse DNS Software / Resource Hash a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452 Security Headers Name Value Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language de-DE,de;q=0.9 Referer https://ba-6r5aq.ondigitalocean.app/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36 Response headers Strict-Transport-Security max-age=31536000; includeSubDomains Content-Security-Policy script-src 'self' boa-api.arkoselabs.com *.bac-assets.com *.livelook.com *.livelook.net *.tiqcdn.com *.bankofamerica.com *.baml.com *.bofa.com *.ml.com *.merrill.com *.merrilledge.com *.mymerrill.com *.ustrust.com *.glance.net *.glancecdn.net *.myglance.net s3.amazonaws.com *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com *.coremetrics.com *.brightcove.net *.brightcove.com maps.googleapis.com www.paypalobjects.com anrdoezrs.com cj.dotomi.com cj.com cj.mplxtms.com emjcd.com mczbf.com sjwoe.com secure-cdn.mplxtms.com cdn.mplxtms.com 'unsafe-inline' 'unsafe-eval' blob:; style-src 'self' https: data: blob: *.bac-assets.com *.bankofamerica.com *.livelook.com *.livelook.net *.glancecdn.net *.cobrowse.oraclecloud.com *.oraclecloud.com www.google-analytics.com *.convertro.com idsync.rlcdn.com 'unsafe-inline'; worker-src 'self' blob:; Date Thu, 29 Sep 2022 01:00:33 GMT Last-Modified Tue, 16 Aug 2022 08:47:37 GMT Age 817 ETag "90-5e657cce98aed" X-BOA-RequestID YzEjCVD4FbhWQNlxsTRhTQAAAJM X-Serviced-By 41kX+nfCYrlQ1KydYbKJUw==--7Pl6QuzGz8qJDV5AjsFThg== Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=40, max=494 Content-Length 144

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| webpackChunk_N_E object| regeneratorRuntime function| __next_require__ object| next object| __NEXT_DATA__ function| __SSG_MANIFEST_CB object| __NEXT_P object| _N_E undefined| __MIDDLEWARE_MANIFEST object| __BUILD_MANIFEST object| __SSG_MANIFEST

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://ba-6r5aq.ondigitalocean.app/content/images/ContextualSiteGraphics/Instructional/en_US/aps-mobile-products-icon-sprite-dev.png Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ba-6r5aq.ondigitalocean.app
secure.bankofamerica.com
171.161.102.200
2606:4700::6810:f44e
0c34151d923447a6c89471c6c94f630297651f6971391e2a9e43bb1995904dd5
0eed4542b90a01be928023ec3dc7abed45c63ffc8067a496863ecef579d4af9f
19f368dc92da70f236d853c51baf78ce455f9893248ef03131b795e052ac0574
1aee3a5f0c4b6735edff60d58f20a936ce11e5d4a36a5a76390aeda043ae4048
2a1b1589e316d02ab75481e7aa88c9975afd2e87f17982fb6d38b6ebe2425a4c
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
47706b3d3e8c19fa3ac752ec25a2a2a536d9025922c98cdafa85ec8a213223e6
593f7cf113cbaf9d601a6a7447a44674b584ec01b32e4d822f98a744fa9886d9
5dfe185409ff8cc0e73ea870cbefbcdac38297bbfa69c545686e536f7c51fa64
648c8ca970b06c87695f59b11c03246440c3bdd9a12b3e61a356d2057e3180fc
6bb1d4b1b719488b9812d1fb67b41b03857eec8f4e0a4d46a8066574037d817a
7bf9d2c4cbd723f9f37d6e4f2305da85f0afe7927e52f8ba6a17d506829f7884
8c37fb372596058d87dd9208541c49b020d0e840e4f3a5baa27d39be2dc70b01
a8bc6337547a246ef75d1ae66d7ec8a0ed6171c1ba49804a403124e27c8e8452
b2d2a55f3eb6c4b424702cdd740c82baf1105bfe96add0a6725730a4318dd86c
ca3205c6a4eecfd67ad990b62b10e19f601230a2a5b2791676089e82836763f4
cebbb1861367b5216aa6dd9468a629d3d107403d79834fa43b6ae3c391064089
dca7d358b9ba49b60befdb37a28ff4be77c5581efc284ab556a25ca3f7a0dc20
e182e3257a3b5564f7bfb9fb1c6a1e13f8f7c9a3fa0dd6e39ccf473ef8d4f960
e1ac56ae25629e508f729b799d563d71920902a4cb26cf3bb602beb3e368775e